1. Home
  2. CVE Database
  3. CVE-2023-36521
HIGH · 8.6

CVE-2023-36521

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4...

Vulnerability Description

A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). The result synchronization server of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of all socket-based communication of the affected products if the result server is enabled.

CVSS Score

8.6

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
SiemensSimatic Mv540 H Firmware< 3.3.4
SiemensSimatic Mv540 H-
SiemensSimatic Mv540 S Firmware< 3.3.4
SiemensSimatic Mv540 S-
SiemensSimatic Mv550 H Firmware< 3.3.4
SiemensSimatic Mv550 H-
SiemensSimatic Mv550 S Firmware< 3.3.4
SiemensSimatic Mv550 S-
SiemensSimatic Mv560 U Firmware< 3.3.4
SiemensSimatic Mv560 U-
SiemensSimatic Mv560 X Firmware< 3.3.4
SiemensSimatic Mv560 X-

Related Weaknesses (CWE)

CWE-770

References

FAQ

What is CVE-2023-36521?

CVE-2023-36521 is a vulnerability with a CVSS score of 8.6 (HIGH). A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4...

How severe is CVE-2023-36521?

CVE-2023-36521 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-36521?

Check the references section above for vendor advisories and patch information. Affected products include: Siemens Simatic Mv540 H Firmware, Siemens Simatic Mv540 H, Siemens Simatic Mv540 S Firmware, Siemens Simatic Mv540 S, Siemens Simatic Mv550 H Firmware.