siemens simatic_cfu_diq_firmware Uncontrolled Resource Consumption (Resource Exhaustion)

CVE ID

CVE-2022-25622

Exploitation status

None yet

Patch status

N/A

Disclosure date

2022-04-12
Vulnerability description
A vulnerability has been identified in SIMATIC CFU DIQ (All versions), SIMATIC CFU PA (All versions), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.0.0), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.10), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions), SIMATIC TDC CP51M1 (All versions), SIMATIC TDC CPU555 (All versions), SIMATIC WinAC RTX (All versions), SIMIT Simulation Platform (All versions). The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments.
Recommended solution
We recommend updating the current system or software to the latest version to remediate the vulnerability.
Affected software
Entry 1, running in the following environments:

| Type | Vendor | Product | Version | Impact scope |
|---|---|---|---|---|
| Application | siemens | simit_simulation_platform | * | - |
| System | siemens | simatic_cfu_diq_firmware | * | - |
| System | siemens | simatic_cfu_pa_firmware | * | - |
| System | siemens | simatic_s7-1500_cpu_firmware | * | Up to (excluding) 2.0.0 |
| System | siemens | simatic_s7-300_cpu_firmware | * | - |
| System | siemens | simatic_s7-400h_v6_firmware | * | - |
| System | siemens | simatic_s7-400_pn/dp_v7_firmware | * | - |
| System | siemens | simatic_s7-410_v10_firmware | * | - |
| System | siemens | simatic_s7-410_v8_firmware | * | - |
| System | siemens | simatic_tdc_cp51m1_firmware | * | - |
| System | siemens | simatic_tdc_cpu555_firmware | * | - |
| System | siemens | simatic_winac_rtx_firmware | * | - |
| Hardware | siemens | simatic_cfu_diq | - | - |
| Hardware | siemens | simatic_cfu_pa | - | - |
| Hardware | siemens | simatic_s7-1500_cpu | - | - |
| Hardware | siemens | simatic_s7-300_cpu | - | - |
| Hardware | siemens | simatic_s7-400h_v6 | - | - |
| Hardware | siemens | simatic_s7-400_pn/dp_v7 | - | - |
| Hardware | siemens | simatic_s7-410_v10 | - | - |
| Hardware | siemens | simatic_s7-410_v8 | - | - |
| Hardware | siemens | simatic_tdc_cp51m1 | - | - |
| Hardware | siemens | simatic_tdc_cpu555 | - | - |
| Hardware | siemens | simatic_winac_rtx | - | - |

CVSS3 score
7.5
  • Attack vector
    Network
  • Attack complexity
  • Privileges required
  • Scope
    Unchanged
  • User interaction
  • Availability
  • Confidentiality
  • Integrity
CWE-ID Vulnerability type
CWE-400 Uncontrolled Resource Consumption (Resource Exhaustion)
Alibaba Cloud security product coverage