Siemens SIMATIC CP 343-1 Lean Firmware 3.1.3

CPE Details

Siemens SIMATIC CP 343-1 Lean Firmware 3.1.3
siemens
simatic_cp_343-1_lean_firmware
3.1.3
2021-01-14
18h46 +00:00
2021-01-14
18h46 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:siemens:simatic_cp_343-1_lean_firmware:3.1.3:*:*:*:*:*:*:*

Informations

Vendor

siemens

Product

simatic_cp_343-1_lean_firmware

Version

3.1.3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-33737 2021-09-14 08h47 +00:00 A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3). Sending a specially crafted packet to port 102/tcp of an affected device could cause a denial of service condition. A restart is needed to restore normal operations.
7.5
High
CVE-2019-13946 2020-02-11 14h36 +00:00 Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.
7.5
High