Vulnerability Details CVE-2023-36521
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). The result synchronization server of the affected products contains a
vulnerability that may lead to a denial of service condition. An attacker may
cause a denial of service situation of all socket-based communication of the
affected products if the result server is enabled.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.5%
CVSS Severity
CVSS v3 Score 8.6
References
Products affected by CVE-2023-36521
-
cpe:2.3:h:siemens:simatic_mv540_h:-
-
cpe:2.3:h:siemens:simatic_mv540_s:-
-
cpe:2.3:h:siemens:simatic_mv550_h:-
-
cpe:2.3:h:siemens:simatic_mv550_s:-
-
cpe:2.3:h:siemens:simatic_mv560_u:-
-
cpe:2.3:h:siemens:simatic_mv560_x:-
-
cpe:2.3:o:siemens:simatic_mv540_h_firmware:3.3
-
cpe:2.3:o:siemens:simatic_mv540_s_firmware:3.3
-
cpe:2.3:o:siemens:simatic_mv550_h_firmware:3.3
-
cpe:2.3:o:siemens:simatic_mv550_s_firmware:3.3
-
cpe:2.3:o:siemens:simatic_mv560_u_firmware:3.3
-
cpe:2.3:o:siemens:simatic_mv560_x_firmware:3.3