CVE-2018-16556Improper Input Validation in Siemens Simatic S7-410 Firmware

CWE-20Improper Input Validation3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.2%
top 59.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
24
Siemens Simatic S7-410 FirmwareSiemens Simatic S7-400 FirmwareSiemens Simatic S7-400h Firmware+21 more
Timeline
PublishedDec 13
Latest updateMay 14

Description

A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-2 DP V7 (All versions), SIMATIC S7-400 CPU 416-3 DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), S

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages24 packages

CVEListV5siemens/simatic_s7-410_cpu_familyAll versions < V8.2.1
CVEListV5siemens/simatic_s7-400_h_v6_cpu_familyAll versions < V6.0.9

🔴Vulnerability Details

2
GHSA
GHSA-h69h-mwxm-xg4v: A vulnerability has been identified in SIMATIC S7-400 (incl2022-05-14
CVEList
CVE-2018-16556: A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CP2018-12-13
CVE-2018-16556 — Improper Input Validation in Siemens | cvebase