CVE-2022-43716

Name of the Vulnerable Software and Affected Versions SIMATIC CP 1242-7 V2 versions prior to V3.4.29 SIMATIC CP 1243-1 versions prior to V3.4.29 SIMATIC CP 1243-1 DNP3 versions prior to V3.4.29 SIMATIC CP 1243-1 IEC versions prior to V3.4.29 SIMATIC CP 1243-7 LTE EU versions prior to V3.4.29 SIMATIC CP 1243-7 LTE US versions prior to V3.4.29 SIMATIC CP 1243-8 IRC versions prior to V3.4.29 SIMATIC CP 1542SP-1 versions prior to V2.3 SIMATIC CP 1542SP-1 IRC versions prior to V2.3 SIMATIC CP 1543SP-1 versions prior to V2.3 SIMATIC CP 443-1 versions prior to V3.3 SIMATIC CP 443-1 Advanced versions prior to V3.3 SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL versions prior to V2.3 SIPLUS ET 200SP CP 1543SP-1 ISEC versions prior to V2.3 SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL versions prior to V2.3 SIPLUS NET CP 1242-7 V2 versions prior to V3.4.29 SIPLUS NET CP 443-1 versions prior to V3.3 SIPLUS NET CP 443-1 Advanced versions prior to V3.3 SIPLUS S7-1200 CP 1243-1 versions prior to V3.4.29 SIPLUS S7-1200 CP 1243-1 RAIL versions prior to V3.4.29 SIPLUS TIM 1531 IRC versions prior to V2.3.6 TIM 1531 IRC versions prior to V2.3.6

Description The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product. The vulnerability is related to the use of memory after it has been freed.

Recommendations For SIMATIC CP 1242-7 V2 versions prior to V3.4.29, update to version V3.4.29 or later. For SIMATIC CP 1243-1 versions prior to V3.4.29, update to version V3.4.29 or later. For SIMATIC CP 1243-1 DNP3 versions prior to V3.4.29, update to version V3.4.29 or later. For SIMATIC CP 1243-1 IEC versions prior to V3.4.29, update to version V3.4.29 or later. For SIMATIC CP 1243-7 LTE EU versions prior to V3.4.29, update to version V3.4.29 or later. For SIMATIC CP 1243-7 LTE US versions prior to V3.4.29, update to version V3.4.29 or later. For SIMATIC CP 1243-8 IRC versions prior to V3.4.29, update to version V3.4.29 or later. For SIMATIC CP 1542SP-1 versions prior to V2.3, update to version V2.3 or later. For SIMATIC CP 1542SP-1 IRC versions prior to V2.3, update to version V2.3 or later. For SIMATIC CP 1543SP-1 versions prior to V2.3, update to version V2.3 or later. For SIMATIC CP 443-1 versions prior to V3.3, update to version V3.3 or later. For SIMATIC CP 443-1 Advanced versions prior to V3.3, update to version V3.3 or later. For SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL versions prior to V2.3, update to version V2.3 or later. For SIPLUS ET 200SP CP 1543SP-1 ISEC versions prior to V2.3, update to version V2.3 or later. For SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL versions prior to V2.3, update to version V2.3 or later. For SIPLUS NET CP 1242-7 V2 versions prior to V3.4.29, update to version V3.4.29 or later. For SIPLUS NET CP 443-1 versions prior to V3.3, update to version V3.3 or later. For SIPLUS NET CP 443-1 Advanced versions prior to V3.3, update to version V3.3 or later. For SIPLUS S7-1200 CP 1243-1 versions prior to V3.4.29, update to version V3.4.29 or later. For SIPLUS S7-1200 CP 1243-1 RAIL versions prior to V3.4.29, update to version V3.4.29 or later. For SIPLUS TIM 1531 IRC versions prior to V2.3.6, update to version V2.3.6 or later. For TIM 1531 IRC versions prior to V2.3.6, update to version V2.3.6 or later.