Remote Denial-of-Service Vulnerability in Siemens Opcenter and SIMATIC Products
CVE-2020-7588

5.3MEDIUM

Key Information:

Vendor: Siemens
Status: Opcenter Execution Discrete; Opcenter Execution Foundation; Opcenter Execution Process; Opcenter Intelligence
Vendor: CVE Published:; 14 July 2020

Summary

A vulnerability in various Siemens Opcenter and SIMATIC products allows an attacker to send specially crafted packets to the targeted service. This can lead to a partial remote denial-of-service condition, causing the affected service to restart unexpectedly. Users of these products should apply updates and patches to mitigate this vulnerability to ensure continuity of services.

Affected Version(s)

Opcenter Execution Discrete All versions < V3.2

Opcenter Execution Foundation All versions < V3.2

Opcenter Execution Process All versions < V3.2

References

https://cert-portal.siemens.com/productcert/pdf/ssa-84134...

x_refsource_MISC

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 14, 2020
Vulnerability Reserved
Jan 21, 2020