CVE-2023-37194

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-37194
A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). The kernel memory of affected devices is exposed to user-mode via direct memory access (DMA) which could allow a local attacker with administrative privileges to execute arbitrary code on the host system without any restrictions.

6.7 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-784849.pdf Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:siemens:simatic_cp_1604_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1604:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:siemens:simatic_cp_1616_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1616:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:siemens:simatic_cp_1623_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1623:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:siemens:simatic_cp_1626_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1626:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:siemens:simatic_cp_1628_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1628:-:*:*:*:*:*:*:*
History

16 Oct 2023, 18:28

Type Values Removed Values Added
CPE cpe:2.3:h:siemens:simatic_cp_1623:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1626:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_cp_1628_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1616:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_cp_1604_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_cp_1616_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1604:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_cp_1623_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_cp_1626_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_cp_1628:-:*:*:*:*:*:*:*
References (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-784849.pdf - (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-784849.pdf - Vendor Advisory
First Time Siemens simatic Cp 1616
Siemens simatic Cp 1604
Siemens simatic Cp 1626
Siemens simatic Cp 1628 Firmware
Siemens simatic Cp 1623
Siemens simatic Cp 1626 Firmware
Siemens simatic Cp 1623 Firmware
Siemens simatic Cp 1628
Siemens
Siemens simatic Cp 1604 Firmware
Siemens simatic Cp 1616 Firmware

10 Oct 2023, 11:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-10-10 11:15

Updated : 2023-12-10 15:14

NVD link : CVE-2023-37194

Mitre link : CVE-2023-37194

CVE.ORG link : CVE-2023-37194

JSON object : View

Products Affected

siemens

  • simatic_cp_1626_firmware
  • simatic_cp_1628
  • simatic_cp_1626
  • simatic_cp_1623_firmware
  • simatic_cp_1616_firmware
  • simatic_cp_1616
  • simatic_cp_1623
  • simatic_cp_1604_firmware
  • simatic_cp_1604
  • simatic_cp_1628_firmware
CWE
CWE-284

Improper Access Control