PT-2019-4790 · Siemens · Simatic S7-1500 Cpu

Artem Zinenko · Published 2019-01-08 · Updated 2019-04-18 · CVE-2018-16558

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

SIMATIC S7-1500 CPU versions V2.0 through V2.5
SIMATIC S7-1500 CPU versions V1.8.5 and earlier

Description

A vulnerability has been identified that could allow an unauthenticated remote attacker to cause a denial-of-service condition on the device by sending specially crafted network packets to port 80/tcp or 443/tcp. The vulnerability could be exploited by an attacker with network access to the affected systems on these ports. Successful exploitation requires no system privileges and no user interaction, and could compromise the availability of the device. The issue is related to insufficient input data validation. At the time of advisory publication, no public exploitation of this vulnerability was known.

Recommendations

For SIMATIC S7-1500 CPU versions V2.0 through V2.5, update to version V2.5 or later to resolve the issue. For SIMATIC S7-1500 CPU versions V1.8.5 and earlier, update to a version later than V1.8.5 to resolve the issue. As a temporary workaround, consider restricting access to ports 80/tcp and 443/tcp to minimize the risk of exploitation.

Fix

RCE


Weakness Enumeration

Related Identifiers

BDU:2020-01368
CVE-2018-16558

Affected Products

Simatic S7-1500 Cpu