CPE-38B98924-6790-4F45-AD02-E14168FF9E5D Detail

CPE Details

Siemens SIMATIC CP 1616 Firmware

Vendor

siemens

Product

simatic_cp_1616_firmware

Version

Created

2020-02-24
14h00 +00:00

Modified

2020-02-24
14h00 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:o:siemens:simatic_cp_1616_firmware:-:::::::*

Informations

Vendor

siemens

Product

simatic_cp_1616_firmware

Version

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2023-37195	2023-10-10 10h21 +00:00	A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). Affected devices insufficiently control continuous mapping of direct memory access (DMA) requests. This could allow local attackers with administrative privileges to cause a denial of service situation on the host. A physical power cycle is required to get the system working again.	4.4	Medium
CVE-2023-37194	2023-10-10 10h21 +00:00	A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). The kernel memory of affected devices is exposed to user-mode via direct memory access (DMA) which could allow a local attacker with administrative privileges to execute arbitrary code on the host system without any restrictions.	6.7	Medium
CVE-2019-13946	2020-02-11 14h36 +00:00	Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.	7.5	High
CVE-2017-2681	2017-05-11 08h00 +00:00	Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected.	7.1	High
CVE-2017-2680	2017-05-10 23h00 +00:00	Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected.	7.1	High

Siemens SIMATIC CP 1616 Firmware

CPE Details

CPE Name: cpe:2.3:o:siemens:simatic_cp_1616_firmware:-:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:o:siemens:simatic_cp_1616_firmware:-:::::::*