CVE-2023-46284

A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), SINUMERIK Integrate RunMyHMI /Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp and 4004/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://cert-portal.siemens.com/productcert/html/ssa-999588.html
https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:siemens:opcenter_quality:-:::::::*
	cpe:2.3:a:siemens:simatic_pcs_neo::::::::
	cpe:2.3:a:siemens:sinumerik_integrate_runmyhmi_\/automotive:-:::::::*
	cpe:2.3:a:siemens:totally_integrated_automation_portal::::::::
	cpe:2.3:a:siemens:totally_integrated_automation_portal::::::::
	cpe:2.3:a:siemens:totally_integrated_automation_portal::::::::
	cpe:2.3:a:siemens:totally_integrated_automation_portal::::::::
	cpe:2.3:a:siemens:totally_integrated_automation_portal:-:::::::*
	cpe:2.3:a:siemens:totally_integrated_automation_portal:18:::::::*
	cpe:2.3:a:siemens:totally_integrated_automation_portal:18:update_1::::::

History

13 Feb 2024, 09:15

Type	Values Removed	Values Added
Summary	(en) A vulnerability has been identified in Opcenter Quality (All versions), SIMATIC PCS neo (All versions < V4.1), SINUMERIK Integrate RunMyHMI /Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp and 4004/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash.	(en) A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), SINUMERIK Integrate RunMyHMI /Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp and 4004/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash.
References		() https://cert-portal.siemens.com/productcert/html/ssa-999588.html -

09 Jan 2024, 10:15

Type	Values Removed	Values Added
Summary	(en) A vulnerability has been identified in Opcenter Quality (All versions), SIMATIC PCS neo (All versions < V4.1), SINUMERIK Integrate RunMyHMI /Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp and 4004/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash.	(en) A vulnerability has been identified in Opcenter Quality (All versions), SIMATIC PCS neo (All versions < V4.1), SINUMERIK Integrate RunMyHMI /Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp and 4004/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash.

15 Dec 2023, 15:47

Type	Values Removed	Values Added
Summary		(es) Se ha identificado una vulnerabilidad en: Opcenter Quality (todas las versiones), SIMATIC PCS neo (todas las versiones < V4.1), SINUMERIK Integrate RunMyHMI /Automotive (todas las versiones), Totally Integrated Automation Portal (TIA Portal) V14 (todas las versiones), Totally Integrated Automation Portal (TIA Portal) V15.1 (todas las versiones), Totally Integrated Automation Portal (TIA Portal) V16 (todas las versiones), Totally Integrated Automation Portal (TIA Portal) V17 (todas las versiones), Totally Integrated Automation Portal (TIA Portal) ) V18 (Todas las versiones
First Time		Siemens totally Integrated Automation Portal Siemens Siemens simatic Pcs Neo Siemens opcenter Quality Siemens sinumerik Integrate Runmyhmi \/automotive
CWE		CWE-787
References	~~() https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf -~~	() https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf - Patch, Vendor Advisory
CPE		cpe:2.3:a:siemens:simatic_pcs_neo:::::::: cpe:2.3:a:siemens:totally_integrated_automation_portal:18:::::::* cpe:2.3:a:siemens:totally_integrated_automation_portal:::::::: cpe:2.3:a:siemens:sinumerik_integrate_runmyhmi_\/automotive:-:::::::* cpe:2.3:a:siemens:totally_integrated_automation_portal:18:update_1:::::: cpe:2.3:a:siemens:totally_integrated_automation_portal:-:::::::* cpe:2.3:a:siemens:opcenter_quality:-:::::::*

12 Dec 2023, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-12-12 12:15

Updated : 2024-02-13 09:15

NVD link : CVE-2023-46284

Mitre link : CVE-2023-46284

CVE.ORG link : CVE-2023-46284

JSON object : View

Products Affected

siemens

opcenter_quality
sinumerik_integrate_runmyhmi_\/automotive
simatic_pcs_neo
totally_integrated_automation_portal

CWE

CWE-787

Out-of-bounds Write

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

7.5 /10