CVE-2023-51440

Name of the Vulnerable Software and Affected Versions SIMATIC CP 343-1 versions All SIMATIC CP 343-1 Lean versions All SIPLUS NET CP 343-1 versions All SIPLUS NET CP 343-1 Lean versions All

Description A vulnerability has been identified in the affected products, which incorrectly validate TCP sequence numbers. This could allow an unauthenticated remote attacker to create a denial of service condition by injecting spoofed TCP RST packets. The issue is related to insufficient validation of the communication channel source, allowing a remote attacker to cause a denial of service by sending specially crafted TCP RST packets.

Recommendations For SIMATIC CP 343-1, consider disabling the TCP validation function until a patch is available. For SIMATIC CP 343-1 Lean, restrict access to the communication module to minimize the risk of exploitation. For SIPLUS NET CP 343-1, avoid using the affected communication protocol until the issue is resolved. For SIPLUS NET CP 343-1 Lean, as a temporary workaround, consider blocking incoming TCP RST packets to prevent denial of service conditions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.