Detections
Analytics
Siemens SIMATIC CP Products Uncontrolled Resource Consumption (CVE-2023-37195)
medium Tenable OT Security Plugin ID 501998
Synopsis
The remote OT asset is affected by a vulnerability.Description
A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions).Affected devices insufficiently control continuous mapping of direct memory access (DMA) requests. This could allow local attackers with administrative privileges to cause a denial of service situation on the host. A physical power cycle is required to get the system working again.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.See Also
https://cert-portal.siemens.com/productcert/pdf/ssa-784849.pdf
Plugin Details
Severity: Medium
ID: 501998
Version: 1.1
Type: remote
Family: Tenable.ot
Published: 2/20/2024
Updated: 2/21/2024
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 4.3
Temporal Score: 3.2
Vector: CVSS2#AV:L/AC:L/Au:M/C:N/I:N/A:C
CVSS Score Source: CVE-2023-37195
CVSS v3
Risk Factor: Medium
Base Score: 4.4
Temporal Score: 3.9
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:siemens:simatic_cp_1604_firmware:-, cpe:/o:siemens:simatic_cp_1616_firmware:-, cpe:/o:siemens:simatic_cp_1623_firmware:-, cpe:/o:siemens:simatic_cp_1626_firmware:-, cpe:/o:siemens:simatic_cp_1628_firmware:-
Required KB Items: Tenable.ot/Siemens
Exploit Ease: No known exploits are available
Patch Publication Date: 10/10/2023
Vulnerability Publication Date: 10/10/2023
Reference Information
CVE: CVE-2023-37195
CWE: 400