Vulnerability Description
Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A restart is needed to restore normal operations.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Simatic Drive Controller Cpu 1504D Tf Firmware | < 3.1.0 |
| Siemens | Simatic Drive Controller Cpu 1504D Tf | - |
| Siemens | Simatic Drive Controller Cpu 1507D Tf Firmware | < 3.1.0 |
| Siemens | Simatic Drive Controller Cpu 1507D Tf | - |
| Siemens | Simatic Et 200Sp Open Control 1515Sp Pc2 Firmware | All versions |
| Siemens | Simatic Et 200Sp Open Control 1515Sp Pc2 | - |
| Siemens | Simatic S7-1500 Cpu 1510Sp F-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1510Sp F-1 Pn | - |
| Siemens | Simatic S7-1500 Cpu 1510Sp-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1510Sp-1 Pn | - |
| Siemens | Simatic S7-1500 Cpu 1511-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1511-1 Pn | - |
| Siemens | Simatic S7-1500 Cpu 1511C-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1511C-1 Pn | - |
| Siemens | Simatic S7-1500 Cpu 1511F-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1511F-1 Pn | - |
| Siemens | Simatic S7-1500 Cpu 1511T-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1511T-1 Pn | - |
| Siemens | Simatic S7-1500 Cpu 1511Tf-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1511Tf-1 Pn | - |
Related Weaknesses (CWE)
References
- https://cert-portal.siemens.com/productcert/html/ssa-280603.html
- https://cert-portal.siemens.com/productcert/html/ssa-592380.html
- https://cert-portal.siemens.com/productcert/pdf/ssa-280603.pdfVendor Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-592380.pdfVendor Advisory
- https://cert-portal.siemens.com/productcert/html/ssa-280603.html
- https://cert-portal.siemens.com/productcert/html/ssa-592380.html
- https://cert-portal.siemens.com/productcert/pdf/ssa-280603.pdfVendor Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-592380.pdfVendor Advisory
FAQ
What is CVE-2023-46156?
CVE-2023-46156 is a vulnerability with a CVSS score of 7.5 (HIGH). Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A restart is needed to restore normal operati...
How severe is CVE-2023-46156?
CVE-2023-46156 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-46156?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens Simatic Drive Controller Cpu 1504D Tf Firmware, Siemens Simatic Drive Controller Cpu 1504D Tf, Siemens Simatic Drive Controller Cpu 1507D Tf Firmware, Siemens Simatic Drive Controller Cpu 1507D Tf, Siemens Simatic Et 200Sp Open Control 1515Sp Pc2 Firmware.