CVE-2023-46280

Summary

A vulnerability has been identified in Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions < V5.0 SP2), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions < V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions < V18 SP1), SIMATIC NET PC Software V19 (All versions < V19 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PDM V9.2 (All versions < V9.2 SP2 Upd3), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 Upd3), SIMATIC S7-PCT (All versions < V3.5 SP3 Update 6), SIMATIC STEP 7 V5 (All versions < V5.7 SP3), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions < V3.18 P025), SIMATIC WinCC OA V3.19 (All versions < V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5), SINAMICS Startdrive (All versions < V19 SP1), SINEC NMS (All versions < V3.0), SINUMERIK ONE virtual (All versions < V6.23), SINUMERIK PLC Programming Tool (All versions < V3.3.12), TIA Portal Cloud Connector (All versions < V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 2), SINEC NMS (All versions < V3.0 SP1). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel.

Affected Software

VendorProductVersion RangeStatus
SiemensSecurity Configuration Tool (SCT)0 < *affected
SiemensSIMATIC Automation Tool0 < V5.0 SP2affected
SiemensSIMATIC BATCH V9.10 < V9.1 SP2 Upd5affected
SiemensSIMATIC NET PC Software V160 < V16 Update 8affected
SiemensSIMATIC NET PC Software V170 < *affected
SiemensSIMATIC NET PC Software V180 < V18 SP1affected
SiemensSIMATIC NET PC Software V190 < V19 Update 2affected
SiemensSIMATIC PCS 7 V9.10 < V9.1 SP2 UC05affected
SiemensSIMATIC PDM V9.20 < V9.2 SP2 Upd3affected
SiemensSIMATIC Route Control V9.10 < V9.1 SP2 Upd3affected
SiemensSIMATIC S7-PCT0 < V3.5 SP3 Update 6affected
SiemensSIMATIC STEP 7 V50 < V5.7 SP3affected
SiemensSIMATIC WinCC OA V3.170 < *affected
SiemensSIMATIC WinCC OA V3.180 < V3.18 P025affected
SiemensSIMATIC WinCC OA V3.190 < V3.19 P010affected
SiemensSIMATIC WinCC Runtime Advanced0 < V17 Update 8affected
SiemensSIMATIC WinCC Runtime Professional V160 < V16 Update 6affected
SiemensSIMATIC WinCC Runtime Professional V170 < V17 Update 8affected
SiemensSIMATIC WinCC Runtime Professional V180 < V18 Update 4affected
SiemensSIMATIC WinCC Runtime Professional V190 < V19 Update 2affected
SiemensSIMATIC WinCC V7.40 < *affected
SiemensSIMATIC WinCC V7.50 < V7.5 SP2 Update 17affected
SiemensSIMATIC WinCC V8.00 < V8.0 Update 5affected
SiemensSINAMICS Startdrive0 < V19 SP1affected
SiemensSINEC NMS0 < V3.0affected
SiemensSINUMERIK ONE virtual0 < V6.23affected
SiemensSINUMERIK PLC Programming Tool0 < V3.3.12affected
SiemensTIA Portal Cloud Connector0 < V2.0affected
SiemensTotally Integrated Automation Portal (TIA Portal) V15.10 < *affected
SiemensTotally Integrated Automation Portal (TIA Portal) V160 < *affected
SiemensTotally Integrated Automation Portal (TIA Portal) V170 < V17 Update 8affected
SiemensTotally Integrated Automation Portal (TIA Portal) V180 < V18 Update 4affected
SiemensTotally Integrated Automation Portal (TIA Portal) V190 < V19 Update 2affected
SiemensSINEC NMS0 < V3.0 SP1affected

Weaknesses

  • CWE-125: CWE-125: Out-of-bounds Read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References