Zhu Wenzhe

**Name of the Vulnerable Software and Affected Versions** 3S-Smart CODESYS Web Server version 2.3 3S-Smart CODESYS Web Server versions prior to V1.1.9.19 **Description** A Stack-based Buffer Overflow issue was discovered in the 3S-Smart CODESYS Web Server. This issue can be exploited by a crafted request, potentially causing a buffer overflow, which could lead to the execution of arbitrary code on the web server or result in a denial-of-service condition due to a crash in the web server. **Recommendations** For version 2.3, update to a version newer than V1.1.9.19 to resolve the issue. For versions prior to V1.1.9.19, update to version V1.1.9.19 or newer to resolve the issue. As a temporary workaround, consider restricting access to the web server to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SIMATIC S7-300 CPU family versions all SIMATIC S7-400 PN/DP V6 and below CPU family versions all SIMATIC S7-400 PN/DP V7 CPU family versions all SIMATIC S7-400 V6 and earlier CPU family versions all SIMATIC S7-400 V7 CPU family versions all **Description** A vulnerability has been identified that can be exploited by sending specially crafted packets to port 80/tcp, causing the affected devices to go into defect mode. A cold restart is required to recover the system. **Recommendations** For SIMATIC S7-300 CPU family, avoid using port 80/tcp until a fix is available. For SIMATIC S7-400 PN/DP V6 and below CPU family, restrict access to port 80/tcp to minimize the risk of exploitation. For SIMATIC S7-400 PN/DP V7 CPU family, consider disabling the affected port until a patch is available. For SIMATIC S7-400 V6 and earlier CPU family, restrict access to the vulnerable component to prevent exploitation. For SIMATIC S7-400 V7 CPU family, as a temporary workaround, consider implementing additional security measures to prevent specially crafted packets from being sent to port 80/tcp.

**Name of the Vulnerable Software and Affected Versions** SIMATIC S7-300 CPU family versions all SIMATIC S7-400 PN/DP V6 and below CPU family versions all SIMATIC S7-400 PN/DP V7 CPU family versions all SIMATIC S7-400 V6 and earlier CPU family versions all SIMATIC S7-400 V7 CPU family versions all SIMATIC S7-410 V8 CPU family versions all **Description** A vulnerability has been identified that allows an attacker with network access to port 102/tcp (ISO-TSAP) or via Profibus to obtain credentials from the PLC if protection-level 2 is configured on the affected devices. **Recommendations** For SIMATIC S7-300 CPU family, consider disabling protection-level 2 until a patch is available. For SIMATIC S7-400 PN/DP V6 and below CPU family, restrict access to port 102/tcp (ISO-TSAP) to minimize the risk of exploitation. For SIMATIC S7-400 PN/DP V7 CPU family, avoid using Profibus until the issue is resolved. For SIMATIC S7-400 V6 and earlier CPU family, consider configuring an alternative protection level. For SIMATIC S7-400 V7 CPU family, restrict access to the PLC to minimize the risk of exploitation. For SIMATIC S7-410 V8 CPU family, consider disabling protection-level 2 until a patch is available.