8.7
CVE-2023-28831
- EPSS 0.43%
- Published 12.09.2023 10:15:27
- Last modified 18.08.2025 14:15:26
- Source productcert@siemens.com
- Teams watchlist Login
- Open Login
The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.
Data is provided by the National Vulnerability Database (NVD)
Siemens ≫ Simatic Cloud Connect 7 Cc712 Firmware Version < 2.2
Siemens ≫ Simatic Cloud Connect 7 Cc716 Firmware Version < 2.2
Siemens ≫ Simatic Drive Controller Cpu 1504d Tf Firmware Version < 2.2
Siemens ≫ Simatic Drive Controller Cpu 1507d Tf Firmware Version < 2.9.7
Siemens ≫ Simatic Et 200sp Open Controller Cpu Firmware Version < 2.9.7
Siemens ≫ Simatic S7-1200 Cpu Firmware Version < 3.0.3
Siemens ≫ Simatic S7-1500 Cpu 1510sp-1 Pn Firmware Version < 2.9.7
Siemens ≫ Simatic S7-1500 Cpu 1510sp F-1 Pn Firmware Version < 3.0.3
Siemens ≫ Simatic S7-1500 Cpu 1511-1 Pn Firmware Version < 21.9.7
Siemens ≫ Simatic S7-1500 Cpu 1511c-1 Pn Firmware Version < 30.0.0
Siemens ≫ Simatic S7-1500 Cpu 1511f-1 Pn Firmware Version < 2.9.7
Siemens ≫ Simatic S7-1500 Cpu 1511t-1 Pn Firmware Version < 2.9.7
Siemens ≫ Simatic S7-1500 Cpu 1511tf-1 Pn Firmware Version < 3.0.3
Siemens ≫ Simatic S7-1500 Cpu 1512c-1 Pn Firmware Version < 3.0.3
Siemens ≫ Simatic S7-1500 Cpu 1512sp-1 Pn Firmware Version < 2.9.7
Siemens ≫ Simatic S7-1500 Cpu 1512sp F-1 Pn Firmware Version < 3.0.3
Siemens ≫ Simatic S7-1500 Cpu 1513-1 Pn Firmware Version < 2.9.7
Siemens ≫ Simatic S7-1500 Cpu 1513f-1 Pn Firmware Version < 2.9.7
Siemens ≫ Simatic S7-1500 Cpu 1513r-1 Pn Firmware Version < 2.9.7
Siemens ≫ Simatic S7-1500 Cpu 1514sp-2 Pn Firmware Version < 3.0.3
Siemens ≫ Simatic S7-1500 Cpu 1514sp F-2 Pn Firmware Version < 2.9.7
Siemens ≫ Simatic S7-1500 Cpu 1514spt-2 Pn Firmware Version < 2.9.7
Siemens ≫ Simatic S7-1500 Cpu 1514spt F-2 Pn Firmware Version < 2.9.7
Siemens ≫ Simatic S7-1500 Cpu 1515-2 Pn Firmware Version < 2.9.7
Siemens ≫ Simatic S7-1500 Cpu 1515f-2 Pn Firmware Version < 3.0.3
Siemens ≫ Simatic S7-1500 Cpu 1515r-2 Pn Firmware Version < 2.9.7
Siemens ≫ Simatic S7-1500 Cpu 1515t-2 Pn Firmware Version < 3.0.3
Siemens ≫ Simatic S7-1500 Cpu 1515tf-2 Pn Firmware Version < 3.0.3
Siemens ≫ Simatic S7-1500 Cpu 1517h-3 Pn Firmware Version < 2.9.7
Siemens ≫ Simatic S7-1500 Cpu 1518hf-4 Pn Firmware Version < 2.9.7
Siemens ≫ Simatic S7-1500 Et 200pro Firmware Version < 2.9.7
Siemens ≫ Simatic S7-1500 Software Controller Firmware Version < 2.9.7
Siemens ≫ Simatic S7-1500 Software Controller Firmware Version < 2.9.7
Siemens ≫ Simatic S7-plcsim Advanced Firmware Version < 2.9.7
Siemens ≫ Siplus Et 200sp Cpu 1510sp-1 Pn Firmware Version < 2.9.7
Siemens ≫ Siplus Et 200sp Cpu 1510sp-1 Pn Rail Firmware Version < 2.9.7
Siemens ≫ Siplus Et 200sp Cpu 1510sp F-1 Pn Firmware Version < 2.9.7
Siemens ≫ Siplus Et 200sp Cpu 1510sp F-1 Pn Rail Firmware Version < 2.9.7
Siemens ≫ Siplus Et 200sp Cpu 1512sp-1 Pn Firmware Version < 2.9.7
Siemens ≫ Siplus Et 200sp Cpu 1512sp-1 Pn Rail Firmware Version < 2.9.7
Siemens ≫ Siplus Et 200sp Cpu 1512sp F-1 Pn Firmware Version < 2.9.7
Siemens ≫ Siplus Et 200sp Cpu 1512sp F-1 Pn Rail Firmware Version < 2.9.7
Siemens ≫ Siplus S7-1500 Cpu 1511-1 Pn Firmware Version < 2.9.7
Siemens ≫ Siplus S7-1500 Cpu 1511-1 Pn T1 Rail Firmware Version < 2.9.7
Siemens ≫ Siplus S7-1500 Cpu 1511-1 Pn Tx Rail Firmware Version < 2.9.7
Siemens ≫ Siplus S7-1500 Cpu 1511f-1 Pn Firmware Version < 2.9.7
Siemens ≫ Siplus S7-1500 Cpu 1513-1 Pn Firmware Version < 2.9.7
Siemens ≫ Siplus S7-1500 Cpu 1513f-1 Pn Firmware Version < 2.9.7
Siemens ≫ Siplus S7-1500 Cpu 1515f-2 Pn Firmware Version < 2.9.7
Siemens ≫ Siplus S7-1500 Cpu 1515f-2 Pn Rail Firmware Version < 2.9.7
Siemens ≫ Siplus S7-1500 Cpu 1515f-2 Pn T2 Rail Firmware Version < 2.9.7
Siemens ≫ Siplus S7-1500 Cpu 1515r-2 Pn Firmware Version < 2.9.7
Siemens ≫ Siplus S7-1500 Cpu 1515r-2 Pn Tx Rail Firmware Version < 2.9.7
Siemens ≫ Siplus S7-1500 Cpu 1517h-3 Pn Firmware Version < 3.0.3
Siemens ≫ Siplus S7-1500 Cpu 1518hf-4 Pn Firmware Version < 3.0.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.43% | 0.616 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| productcert@siemens.com | 8.7 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| productcert@siemens.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-190 Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.