PT-2018-16568 · Siemens · Simatic S7-400 H
Publicado
2018-05-16
·
Atualizado
2019-10-09
·
CVE-2018-4850
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below
SIMATIC S7-400 (incl. F) CPU hardware version 5.0 with firmware versions less than V5.2
SIMATIC S7-400H CPU hardware version 4.5 and below
Description
A vulnerability has been identified that improperly validates S7 communication packets, which could cause a Denial-of-Service condition of the CPU. The CPU will remain in DEFECT mode until manual restart.
Recommendations
For SIMATIC S7-400 (incl. F) CPU hardware version 4.0 and below, update to a version above 4.0 or apply a firmware update to address the issue.
For SIMATIC S7-400 (incl. F) CPU hardware version 5.0, update the firmware to V5.2 or later.
For SIMATIC S7-400H CPU hardware version 4.5 and below, update to a version above 4.5 to resolve the issue.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Simatic S7-400 H