CVE-2018-13815

Name of the Vulnerable Software and Affected Versions SIMATIC S7-1200 versions all SIMATIC S7-1500 versions prior to V2.6

Description A vulnerability has been identified that could allow an attacker to exhaust the available connection pool of an affected device by opening a sufficient number of connections to it. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit this issue. If exploited, it could cause a Denial-of-Service condition impacting the availability of the system. At the time of advisory publication, no public exploitation of this issue was known.

Recommendations For SIMATIC S7-1200, restrict access to port 102/tcp to minimize the risk of exploitation. For SIMATIC S7-1500 versions prior to V2.6, consider upgrading to version V2.6 or later to resolve the issue. As a temporary workaround, consider limiting the number of connections to the device to prevent exhaustion of the available connection pool.