Siemens: >> Simatic S7-1500 Cpu 1518f-4 Pn/dp Mfp Security Vulnerabilities
The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation.
This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.
CVSS Score
7.5
EPSS Score
0.005
Published
2023-09-12
Affected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary code.
CVSS Score
4.6
EPSS Score
0.001
Published
2023-01-10