Remote Denial-of-Service in Siemens Opcenter and SIMATIC Products
CVE-2020-7587

8.2HIGH

Key Information:

Vendor: Siemens
Status: Opcenter Execution Discrete; Opcenter Execution Foundation; Opcenter Execution Process; Opcenter Intelligence
Vendor: CVE Published:; 14 July 2020

What is CVE-2020-7587?

A weakness has been discovered in various Siemens Opcenter and SIMATIC products that allows an attacker to send specially crafted packets to the affected services. This can induce a partial remote denial-of-service, causing the service to restart unexpectedly. In some instances, this vulnerability could also result in the unintended disclosure of random information from the remote service, thereby presenting potential risks to data integrity and system stability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Opcenter Execution Discrete All versions < V3.2

Opcenter Execution Foundation All versions < V3.2

Opcenter Execution Process All versions < V3.2

References

https://cert-portal.siemens.com/productcert/pdf/ssa-84134...

x_refsource_MISC

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 14, 2020
Vulnerability Reserved
Jan 21, 2020

JSON

Siemens

What is CVE-2020-7587?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.