CVE-2021-33737
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C
Summary
A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3). Sending a specially crafted packet to port 102/tcp of an affected device could cause a denial of service condition. A restart is needed to restore normal operations.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Siemens | SIMATIC CP 343-1 (incl. SIPLUS variants) | All versions | affected |
| Siemens | SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) | All versions | affected |
| Siemens | SIMATIC CP 343-1 ERPC | All versions | affected |
| Siemens | SIMATIC CP 343-1 Lean (incl. SIPLUS variants) | All versions | affected |
| Siemens | SIMATIC CP 443-1 | All versions < V3.3 | affected |
| Siemens | SIMATIC CP 443-1 | All versions < V3.3 | affected |
| Siemens | SIMATIC CP 443-1 Advanced | All versions < V3.3 | affected |
| Siemens | SIPLUS NET CP 443-1 | All versions < V3.3 | affected |
| Siemens | SIPLUS NET CP 443-1 Advanced | All versions < V3.3 | affected |
Weaknesses
- CWE-119: CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.