Vulnerability Details CVE-2023-29105
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions < V2.1). The affected device is vulnerable to a denial of service while parsing a random (non-JSON) MQTT payload. This could allow an attacker who can manipulate the communication between the MQTT broker and the affected device to cause a denial of service (DoS).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.9%
CVSS Severity
CVSS v3 Score 5.9
References
Products affected by CVE-2023-29105
-
cpe:2.3:h:siemens:6gk1411-1ac00:-
-
cpe:2.3:h:siemens:6gk1411-5ac00:-
-
cpe:2.3:o:siemens:6gk1411-1ac00_firmware:*
-
cpe:2.3:o:siemens:6gk1411-5ac00_firmware:*