PT-2021-7270 · Siemens · Simatic S7-400 Cpu 417-4 Dp V7 (+13 more)
Published 2021-09-01 · Updated 2023-04-11 · CVE-2021-40368
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
SIMATIC S7-400 CPU 412-1 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 412-2 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 412-2 PN/DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 414-2 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 414-3 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 414-3 PN/DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 414F-3 PN/DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 416-2 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 416-3 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 416-3 PN/DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 416F-2 DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 416F-3 PN/DP V7 versions prior to V7.0.3
SIMATIC S7-400 CPU 417-4 DP V7 versions prior to V7.0.3
SIMATIC S7-400 H V6 CPU family versions prior to V6.0.10
SIMATIC S7-410 V10 CPU family versions prior to V10.1
SIMATIC S7-410 V8 CPU family versions prior to V8.2.3
SIPLUS S7-400 CPU 414-3 PN/DP V7 versions prior to V7.0.3
SIPLUS S7-400 CPU 416-3 PN/DP V7 versions prior to V7.0.3
SIPLUS S7-400 CPU 416-3 V7 versions prior to V7.0.3
SIPLUS S7-400 CPU 417-4 V7 versions prior to V7.0.3
Description
The issue is related to the improper handling of specially crafted packets sent to port 102/tcp, which could allow an attacker to create a Denial-of-Service condition. A restart is needed to restore normal operations.
Recommendations
For SIMATIC S7-400 CPU 412-1 DP V7 versions prior to V7.0.3, update to version V7.0.3 or later.
For SIMATIC S7-400 CPU 412-2 DP V7 versions prior to V7.0.3, update to version V7.0.3 or later.
For SIMATIC S7-400 CPU 412-2 PN/DP V7 versions prior to V7.0.3, update to version V7.0.3 or later.
For SIMATIC S7-400 CPU 414-2 DP V7 versions prior to V7.0.3, update to version V7.0.3 or later.
For SIMATIC S7-400 CPU 414-3 DP V7 versions prior to V7.0.3, update to version V7.0.3 or later.
For SIMATIC S7-400 CPU 414-3 PN/DP V7 versions prior to V7.0.3, update to version V7.0.3 or later.
For SIMATIC S7-400 CPU 414F-3 PN/DP V7 versions prior to V7.0.3, update to version V7.0.3 or later.
For SIMATIC S7-400 CPU 416-2 DP V7 versions prior to V7.0.3, update to version V7.0.3 or later.
For SIMATIC S7-400 CPU 416-3 DP V7 versions prior to V7.0.3, update to version V7.0.3 or later.
For SIMATIC S7-400 CPU 416-3 PN/DP V7 versions prior to V7.0.3, update to version V7.0.3 or later.
For SIMATIC S7-400 CPU 416F-2 DP V7 versions prior to V7.0.3, update to version V7.0.3 or later.
For SIMATIC S7-400 CPU 416F-3 PN/DP V7 versions prior to V7.0.3, update to version V7.0.3 or later.
For SIMATIC S7-400 CPU 417-4 DP V7 versions prior to V7.0.3, update to version V7.0.3 or later.
For SIMATIC S7-400 H V6 CPU family versions prior to V6.0.10, update to version V6.0.10 or later.
For SIMATIC S7-410 V10 CPU family versions prior to V10.1, update to version V10.1 or later.
For SIMATIC S7-410 V8 CPU family versions prior to V8.2.3, update to version V8.2.3 or later.
For SIPLUS S7-400 CPU 414-3 PN/DP V7 versions prior to V7.0.3, update to version V7.0.3 or later.
For SIPLUS S7-400 CPU 416-3 PN/DP V7 versions prior to V7.0.3, update to version V7.0.3 or later.
For SIPLUS S7-400 CPU 416-3 V7 versions prior to V7.0.3, update to version V7.0.3 or later.
For SIPLUS S7-400 CPU 417-4 V7 versions prior to V7.0.3, update to version V7.0.3 or later.
As a temporary workaround, consider restricting access to port 102/tcp to minimize the risk of exploitation.
Fix
Buffer Overflow
Weakness Enumeration
Related Identifiers
Affected Products
Simatic S7-400 Cpu 412-1 Dp V7
Simatic S7-400 Cpu 412-2 Pn V7
Simatic S7-400 Cpu 414-2 Dp V7
Simatic S7-400 Cpu 414F-3 Pn/Dp V7
Simatic S7-400 Cpu 416-2 Dp V7
Simatic S7-400 Cpu 416-3 Pn/Dp V7
Simatic S7-400 Cpu 417-4 Dp V7
Simatic S7-400 H V6 Cpu Family
Simatic S7-410 V10 Cpu Family
Simatic S7-410 V8 Cpu Family
Siplus S7-400 Cpu 414-3 Pn/Dp V7
Siplus S7-400 Cpu 416-3 Pn/Dp V7
Siplus S7-400 Cpu 416-3 V7
Siplus S7-400 Cpu 417-4 V7