CVE-2023-28827

CWE-476 — NULL Pointer Dereference3 documents3 sources

Severity

8.2HIGH

EPSS

0.5%

top 34.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Simatic CP 1242-7 V2 (incl. Siplus Variants)Siemens Simatic CP 1243-1 (incl. Siplus Variants)Siemens Simatic CP 1243-1 Dnp3 (incl. Siplus Variants)+9 more

Timeline

PublishedSep 10

Description

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-7 LTE (All versions < V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All vers…

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages12 packages

▶CVEListV5siemens/simatic_cp_1243-1_dnp3_(incl._siplus_variants)< V3.5.20

▶CVEListV5siemens/simatic_cp_1243-1_(incl._siplus_variants)< V3.5.20

▶CVEListV5siemens/simatic_cp_1243-1_iec_(incl._siplus_variants)< V3.5.20

▶CVEListV5siemens/simatic_hmi_comfort_panels_(incl._siplus_variants)All versions

▶CVEListV5siemens/simatic_cp_1242-7_v2_(incl._siplus_variants)< V3.5.20

🔴Vulnerability Details

GHSA

GHSA-wh3c-3qmr-4ghp: A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl↗2024-09-10

▶

CVEList

CVE-2023-28827: A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl↗2024-09-10

▶