CVE-2023-48363

CWE-476 — NULL Pointer Dereference3 documents3 sources

Severity

7.1HIGH

EPSS

0.1%

top 73.75%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Simatic PCS 7 V9.1 Siemens Simatic Wincc Runtime Professional V18 Siemens Simatic Wincc Runtime Professional V19 +12 more

Timeline

PublishedFeb 13

Description

A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (Al…

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages15 packages

▶CVEListV5siemens/simatic_wincc_runtime_professional_v18< V18 Update 4

▶CVEListV5siemens/simatic_wincc_runtime_professional_v19< V19 Update 2

▶NVDsiemens/simatic_wincc_runtime_professional18+1

▶CVEListV5siemens/simatic_wincc_v7.4< *

▶CVEListV5siemens/simatic_wincc_v7.5< V7.5 SP2 Update 15

🔴Vulnerability Details

CVEList

CVE-2023-48363: A vulnerability has been identified in OpenPCS 7 V9↗2024-02-13

▶

GHSA

GHSA-q3m2-hxcv-vxp6: A vulnerability has been identified in OpenPCS 7 V9↗2024-02-13

▶