Buffer Overflow Vulnerability in SIMATIC and SINAMICS Products by Siemens
CVE-2022-47375

7.5HIGH

Key Information:

Vendor

Siemens
Status
SIMATIC PC-Station Plus
SIMATIC S7-400 CPU 412-2 PN V7
SIMATIC S7-400 CPU 414-3 PN/DP V7
SIMATIC S7-400 CPU 414F-3 PN/DP V7
Vendor
CVE Published:
12 December 2023

What is CVE-2022-47375?

A buffer overflow vulnerability exists in various Siemens SIMATIC PC-Station Plus and S7-400 CPU products, as well as SINAMICS S120 devices. The issue arises from the improper handling of long file names, potentially allowing an attacker to exploit this flaw. This exploitation could lead to a denial of service condition, affecting device availability and operational continuity. Users are encouraged to assess their systems and apply appropriate security measures to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SIMATIC PC-Station Plus All versions

SIMATIC S7-400 CPU 412-2 PN V7 All versions

SIMATIC S7-400 CPU 414-3 PN/DP V7 All versions

References

https://cert-portal.siemens.com/productcert/pdf/ssa-89291...

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.