CVE-2020-15796

Summary

A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) (V20.8), SIMATIC S7-1500 Software Controller (V20.8). The web server of the affected products contains a vulnerability that could allow a remote attacker to trigger a denial-of-service condition by sending a specially crafted HTTP request.

Affected Software

VendorProductVersion RangeStatus
SiemensSIMATIC ET 200SP Open Controller (incl. SIPLUS variants)V20.8affected
SiemensSIMATIC S7-1500 Software ControllerV20.8affected

Weaknesses

  • CWE-248: CWE-248: Uncaught Exception

ADP Enrichment

CVE Program Container

Additional References

References