Siemens: >> Simatic S7-1500 Software Controller Firmware >> 2.1 Security Vulnerabilities
The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation.
This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.
CVSS Score
7.5
EPSS Score
0.004
Published
2023-09-12
A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) (V20.8), SIMATIC S7-1500 Software Controller (V20.8). The web server of the affected products contains a vulnerability that could allow a remote attacker to trigger a denial-of-service condition by sending a specially crafted HTTP request.
CVSS Score
7.5
EPSS Score
0.012
Published
2020-12-14