A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). Under special conditions it was possible to write SNMP variables on port 161/udp which should be read-only and should only be configured with TIA-Portal. A write to these variables could reduce the availability or cause a denial-of-service.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/94436 | Third Party Advisory VDB Entry |
http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-672373.pdf | Patch Vendor Advisory |
https://cert-portal.siemens.com/productcert/pdf/ssa-672373.pdf | |
https://ics-cert.us-cert.gov/advisories/ICSA-16-327-01 |
Configurations
Configuration 1 (hide)
AND |
|
History
12 Apr 2022, 10:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). Under special conditions it was possible to write SNMP variables on port 161/udp which should be read-only and should only be configured with TIA-Portal. A write to these variables could reduce the availability or cause a denial-of-service. |
12 Apr 2022, 09:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). Under special conditions it was possible to write SNMP variables on port 161/udp which should be read-only and should only be configured with TIA-Portal. A write to these variables could reduce the availability or cause a denial-of-service. |
Information
Published : 2016-11-18 21:59
Updated : 2023-12-10 12:01
NVD link : CVE-2016-8562
Mitre link : CVE-2016-8562
CVE.ORG link : CVE-2016-8562
JSON object : View
Products Affected
siemens
- simatic_cp_1543-1_firmware
- simatic_cp_1543-1
CWE
CWE-20
Improper Input Validation