A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). Under special conditions it was possible to write SNMP variables on port 161/udp which should be read-only and should only be configured with TIA-Portal. A write to these variables could reduce the availability or cause a denial-of-service.
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HSiemens Simatic Cp 1543 1
HWSiemenswszystkie wersjeSiemens Simatic Cp 1543 1 Firmware
OSSiemens< 2.0.28Siemens Siplus Net Cp 1543 1
HWSiemenswszystkie wersjeSiemens Siplus Net Cp 1543 1 Firmware
OSSiemens< 2.0.28
CISA KEV — detailsi
- Vendori
- Siemens
- Producti
- SIMATIC CP
- Added to KEVi
- March 3, 2022
- Remediation deadline (US Federal)i
- March 24, 2022(overdue)
Apply updates per vendor instructions.
An improper privilege management vulnerability exists within the Siemens SIMATIC Communication Processor (CP) that allows a privileged attacker to remotely cause a denial of service.
Related vulnerabilities
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All v...
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and ...
A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions >= V4.0.44 < ...
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All v...
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2), RUGGEDCOM RM1224 LTE(...