Vulnerability Details CVE-2023-28831
The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation.
This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.2%
CVSS Severity
CVSS v3 Score 7.5
References
- https://cert-portal.siemens.com/productcert/html/ssa-118850.html
- https://cert-portal.siemens.com/productcert/html/ssa-711309.html
- https://cert-portal.siemens.com/productcert/pdf/ssa-118850.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-711309.pdf
- https://cert-portal.siemens.com/productcert/html/ssa-118850.html
- https://cert-portal.siemens.com/productcert/html/ssa-711309.html
- https://cert-portal.siemens.com/productcert/pdf/ssa-118850.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-711309.pdf
Products affected by CVE-2023-28831
-
cpe:2.3:h:siemens:simatic_cloud_connect_7_cc712:-
-
cpe:2.3:h:siemens:simatic_cloud_connect_7_cc716:-
-
cpe:2.3:h:siemens:simatic_drive_controller_cpu_1504d_tf:-
-
cpe:2.3:h:siemens:simatic_drive_controller_cpu_1507d_tf:-
-
cpe:2.3:h:siemens:simatic_et_200sp_open_controller_cpu:-
-
cpe:2.3:h:siemens:simatic_s7-1200_cpu:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1510sp-1_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1510sp_f-1_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511-1_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511c-1_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511f-1_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511t-1_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511tf-1_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1512c-1_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1512sp-1_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1512sp_f-1_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513-1_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513f-1_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513r-1_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1514sp-2_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1514sp_f-2_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1514spt-2_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1514spt_f-2_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515-2_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515f-2_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515r-2_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515t-2_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515tf-2_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516-3_pn/dp:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516f-3_pn/dp:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516t-3_pn/dp:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516tf-3_pn/dp:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517-3_pn/dp:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517f-3_pn/dp:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517h-3_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517t-3_pn/dp:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517tf-3_pn/dp:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn/dp:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn/dp_mfp:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518f-4_pn/dp:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518f-4_pn/dp_mfp:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518hf-4_pn:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518t-4_pn/dp:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518tf-4_pn/dp:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_s7-1518-4_pn/dp_odk:-
-
cpe:2.3:h:siemens:simatic_s7-1500_cpu_s7-1518f-4_pn/dp_odk:-
-
cpe:2.3:h:siemens:simatic_s7-1500_et_200pro:-
-
cpe:2.3:h:siemens:simatic_s7-1500_software_controller:v2
-
cpe:2.3:h:siemens:simatic_s7-1500_software_controller:v3
-
cpe:2.3:h:siemens:simatic_s7-plcsim_advanced:-
-
cpe:2.3:h:siemens:siplus_et_200sp_cpu_1510sp-1_pn:-
-
cpe:2.3:h:siemens:siplus_et_200sp_cpu_1510sp-1_pn_rail:-
-
cpe:2.3:h:siemens:siplus_et_200sp_cpu_1510sp_f-1_pn:-
-
cpe:2.3:h:siemens:siplus_et_200sp_cpu_1510sp_f-1_pn_rail:-
-
cpe:2.3:h:siemens:siplus_et_200sp_cpu_1512sp-1_pn:-
-
cpe:2.3:h:siemens:siplus_et_200sp_cpu_1512sp-1_pn_rail:-
-
cpe:2.3:h:siemens:siplus_et_200sp_cpu_1512sp_f-1_pn:-
-
cpe:2.3:h:siemens:siplus_et_200sp_cpu_1512sp_f-1_pn_rail:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1511-1_pn:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1511-1_pn_t1_rail:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1511-1_pn_tx_rail:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1511f-1_pn:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1513-1_pn:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1513f-1_pn:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1515f-2_pn:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1515f-2_pn_rail:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1515f-2_pn_t2_rail:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1515r-2_pn:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1515r-2_pn_tx_rail:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1516-3_pn/dp:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1516-3_pn/dp_rail:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1516-3_pn/dp_tx_rail:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1516f-3_pn/dp:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1516f-3_pn/dp_rail:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1517h-3_pn:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1518-4_pn/dp:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1518-4_pn/dp_mfp:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1518f-4_pn/dp:-
-
cpe:2.3:h:siemens:siplus_s7-1500_cpu_1518hf-4_pn:-
-
cpe:2.3:o:siemens:simatic_cloud_connect_7_cc712_firmware:*
-
cpe:2.3:o:siemens:simatic_cloud_connect_7_cc716_firmware:*
-
cpe:2.3:o:siemens:simatic_drive_controller_cpu_1504d_tf_firmware:-
-
cpe:2.3:o:siemens:simatic_drive_controller_cpu_1507d_tf_firmware:-
-
cpe:2.3:o:siemens:simatic_drive_controller_cpu_1507d_tf_firmware:2.9.2
-
cpe:2.3:o:siemens:simatic_drive_controller_cpu_1507d_tf_firmware:2.9.4
-
cpe:2.3:o:siemens:simatic_et_200sp_open_controller_cpu_firmware:*
-
cpe:2.3:o:siemens:simatic_s7-1200_cpu_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1510sp-1_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1510sp_f-1_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1511-1_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1511-1_pn_firmware:2.0
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1511-1_pn_firmware:2.5
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1511-1_pn_firmware:2.8
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1511-1_pn_firmware:3.1.0
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1511c-1_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1511c-1_pn_firmware:3.1.0
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1511f-1_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1511f-1_pn_firmware:2.0
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1511t-1_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1511tf-1_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1512c-1_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1512sp-1_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1512sp_f-1_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1513-1_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1513-1_pn_firmware:2.0
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1513-1_pn_firmware:2.5
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1513-1_pn_firmware:2.8
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1513f-1_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1513f-1_pn_firmware:2.0
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1513r-1_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1514sp-2_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1514sp_f-2_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1514spt-2_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1514spt_f-2_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1515-2_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1515-2_pn_firmware:2.0
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1515-2_pn_firmware:2.5
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1515-2_pn_firmware:2.8
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1515f-2_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1515f-2_pn_firmware:2.0
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1515r-2_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1515t-2_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1515tf-2_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1516-3_pn/dp_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1516-3_pn/dp_firmware:2.0
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1516f-3_pn/dp_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1516f-3_pn/dp_firmware:2.0
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1516t-3_pn/dp_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1516tf-3_pn/dp_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1517-3_pn/dp_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1517-3_pn/dp_firmware:2.0
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1517f-3_pn/dp_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1517f-3_pn/dp_firmware:2.0
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1517h-3_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1517t-3_pn/dp_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1517tf-3_pn/dp_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518-4_pn/dp_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518-4_pn/dp_firmware:2.0
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518-4_pn/dp_firmware:3.1.0
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518-4_pn/dp_mfp_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518f-4_pn/dp_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518f-4_pn/dp_firmware:2.0
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518f-4_pn/dp_mfp_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518hf-4_pn_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518t-4_pn/dp_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518tf-4_pn/dp_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_s7-1518-4_pn/dp_odk_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_cpu_s7-1518f-4_pn/dp_odk_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_et_200pro_firmware:*
-
cpe:2.3:o:siemens:simatic_s7-1500_software_controller_firmware:-
-
cpe:2.3:o:siemens:simatic_s7-1500_software_controller_firmware:2.1
-
cpe:2.3:o:siemens:simatic_s7-plcsim_advanced_firmware:-
-
cpe:2.3:o:siemens:siplus_et_200sp_cpu_1510sp-1_pn_firmware:-
-
cpe:2.3:o:siemens:siplus_et_200sp_cpu_1510sp-1_pn_rail_firmware:-
-
cpe:2.3:o:siemens:siplus_et_200sp_cpu_1510sp_f-1_pn_firmware:-
-
cpe:2.3:o:siemens:siplus_et_200sp_cpu_1510sp_f-1_pn_rail_firmware:-
-
cpe:2.3:o:siemens:siplus_et_200sp_cpu_1512sp-1_pn_firmware:-
-
cpe:2.3:o:siemens:siplus_et_200sp_cpu_1512sp-1_pn_rail_firmware:-
-
cpe:2.3:o:siemens:siplus_et_200sp_cpu_1512sp_f-1_pn_firmware:-
-
cpe:2.3:o:siemens:siplus_et_200sp_cpu_1512sp_f-1_pn_rail_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1511-1_pn_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1511-1_pn_t1_rail_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1511-1_pn_tx_rail_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1511f-1_pn_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1513-1_pn_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1513f-1_pn_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1515f-2_pn_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1515f-2_pn_rail_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1515f-2_pn_t2_rail_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1515r-2_pn_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1515r-2_pn_tx_rail_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1516-3_pn/dp_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1516-3_pn/dp_rail_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1516-3_pn/dp_tx_rail_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1516f-3_pn/dp_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1516f-3_pn/dp_rail_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1517h-3_pn_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1518-4_pn/dp_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1518-4_pn/dp_mfp_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1518f-4_pn/dp_firmware:-
-
cpe:2.3:o:siemens:siplus_s7-1500_cpu_1518hf-4_pn_firmware:-