https://cert-portal.siemens.com/productcert/html/ssa-398330.html
https://cert-portal.siemens.com/productcert/html/ssa-879734.html
https://cert-portal.siemens.com/productcert/html/ssa-625862.html
https://cert-portal.siemens.com/productcert/html/ssa-794697.html
https://www.openssl.org/news/secadv/20230207.txt
https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-11
https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-10
https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-11
Severity: Medium
ID: 502325
Version: 1.5
Type: remote
Family: Tenable.ot
Published: 7/23/2024
Updated: 9/4/2024
Supported Sensors: Tenable OT Security
Risk Factor: Low
Score: 2.2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS Score Source: CVE-2023-0466
Risk Factor: Medium
Base Score: 5.3
Temporal Score: 4.6
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CPE: cpe:/o:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware, cpe:/o:siemens:siplus_et_200sp_cp_1543sp-1_isec_firmware, cpe:/o:siemens:simatic_s7-1500_firmware, cpe:/o:siemens:scalance_xm416-4c_firmware, cpe:/o:siemens:scalance_xr524-8c_firmware, cpe:/o:siemens:simatic_cp_1543sp-1_firmware, cpe:/o:siemens:scalance_xm408-4c_firmware, cpe:/o:siemens:simatic_s7-1500_tm_mfp, cpe:/o:siemens:simatic_cp_1542sp-1_firmware, cpe:/o:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware, cpe:/o:siemens:scalance_xr526-8c_firmware, cpe:/o:siemens:scalance_xm408-8c_firmware, cpe:/o:siemens:scalance_xr552-12m_firmware, cpe:/o:siemens:simatic_cp_1542sp-1_irc_firmware, cpe:/o:siemens:scalance_xr528-6m_firmware
Required KB Items: Tenable.ot/Siemens
Exploit Ease: No known exploits are available
Patch Publication Date: 1/10/2023
Vulnerability Publication Date: 1/10/2023
CVE: CVE-2023-0466
CWE: 326
ICSA: 23-166-11, 24-165-10, 24-165-11