7.5
CWE
416
Advisory Published
Updated

CVE-2022-43716: Use After Free

First published: Tue Apr 11 2023(Updated: )

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product.

Credit: productcert@siemens.com productcert@siemens.com

Affected SoftwareAffected VersionHow to fix
Siemens Simatic Cp 1242-7 V2 Firmware
Siemens Simatic Cp 1242-7 V2
Siemens Simatic Cp 1243-1 Firmware
Siemens Simatic Cp 1243-1
Siemens Simatic Cp 1243-1 Dnp3 Firmware
Siemens Simatic Cp 1243-1 Dnp3
Siemens Simatic Cp 1243-1 Iec Firmware
Siemens Simatic Cp 1243-1 Iec
Siemens Simatic Cp 1243-7 Lte Eu Firmware
Siemens SIMATIC CP 1243-7 LTE EU
Siemens Simatic Cp 1243-7 Lte Us Firmware
Siemens SIMATIC CP 1243-7 LTE US
Siemens Simatic Cp 1243-8 Irc Firmware
Siemens Simatic Cp 1243-8 Irc
Siemens Simatic Cp 1542sp-1 Firmware
Siemens SIMATIC CP 1542SP-1
Siemens Simatic Cp 1542sp-1 Irc Firmware
Siemens Simatic Cp 1542sp-1 Irc
Siemens Simatic Cp 1543sp-1 Firmware
Siemens Simatic Cp 1543sp-1
Siemens Simatic Cp 443-1 Firmware<3.3
Siemens Simatic Cp 443-1
Siemens Simatic Cp 443-1 Advanced Firmware<3.3
Siemens Simatic Cp 443-1 Advanced
Siemens Simatic Ipc Diagbase Firmware
Siemens Simatic Ipc Diagbase
Siemens Simatic Ipc Diagmonitor Firmware
Siemens Simatic Ipc Diagmonitor
Siemens Siplus Et 200sp Cp 1542sp-1 Irc Tx Rail Firmware
Siemens Siplus Et 200sp Cp 1542sp-1 Irc Tx Rail
Siemens Siplus Et 200sp Cp 1543sp-1 Isec Firmware
Siemens Siplus Et 200sp Cp 1543sp-1 Isec
Siemens Siplus Et 200sp Cp 1543sp-1 Isec Tx Rail Firmware
Siemens Siplus Et 200sp Cp 1543sp-1 Isec Tx Rail
Siemens Siplus Net Cp 1242-7 V2 Firmware
Siemens Siplus Net Cp 1242-7 V2
Siemens Siplus Net Cp 443-1 Firmware<3.3
Siemens Siplus Net Cp 443-1
Siemens Siplus Net Cp 443-1 Advanced Firmware<3.3
Siemens Siplus Net Cp 443-1 Advanced
Siemens Siplus S7-1200 Cp 1243-1 Firmware
Siemens Siplus S7-1200 Cp 1243-1
Siemens Siplus S7-1200 Cp 1243-1 Rail Firmware
Siemens Siplus S7-1200 Cp 1243-1 Rail
Siemens Siplus Tim 1531 Irc Firmware<2.3.6
Siemens Siplus Tim 1531 Irc
Siemens Tim 1531 Irc Firmware<2.3.6
Siemens Tim 1531 Irc
All of
Siemens Simatic Cp 1242-7 V2
Siemens Simatic Cp 1242-7 V2 Firmware
All of
Siemens Simatic Cp 1243-1
Siemens Simatic Cp 1243-1 Firmware
All of
Siemens Simatic Cp 1243-1 Dnp3
Siemens Simatic Cp 1243-1 Dnp3 Firmware
All of
Siemens Simatic Cp 1243-1 Iec
Siemens Simatic Cp 1243-1 Iec Firmware
All of
Siemens SIMATIC CP 1243-7 LTE EU
Siemens Simatic Cp 1243-7 Lte Eu Firmware
All of
Siemens SIMATIC CP 1243-7 LTE US
Siemens Simatic Cp 1243-7 Lte Us Firmware
All of
Siemens Simatic Cp 1243-8 Irc
Siemens Simatic Cp 1243-8 Irc Firmware
All of
Siemens SIMATIC CP 1542SP-1
Siemens Simatic Cp 1542sp-1 Firmware
All of
Siemens Simatic Cp 1542sp-1 Irc Firmware
Siemens Simatic Cp 1542sp-1 Irc
All of
Siemens Simatic Cp 1543sp-1 Firmware
Siemens Simatic Cp 1543sp-1
All of
Siemens Simatic Cp 443-1 Firmware<3.3
Siemens Simatic Cp 443-1
All of
Siemens Simatic Cp 443-1 Advanced Firmware<3.3
Siemens Simatic Cp 443-1 Advanced
All of
Siemens Simatic Ipc Diagbase Firmware
Siemens Simatic Ipc Diagbase
All of
Siemens Simatic Ipc Diagmonitor Firmware
Siemens Simatic Ipc Diagmonitor
All of
Siemens Siplus Et 200sp Cp 1542sp-1 Irc Tx Rail Firmware
Siemens Siplus Et 200sp Cp 1542sp-1 Irc Tx Rail
All of
Siemens Siplus Et 200sp Cp 1543sp-1 Isec Firmware
Siemens Siplus Et 200sp Cp 1543sp-1 Isec
All of
Siemens Siplus Et 200sp Cp 1543sp-1 Isec Tx Rail Firmware
Siemens Siplus Et 200sp Cp 1543sp-1 Isec Tx Rail
All of
Siemens Siplus Net Cp 1242-7 V2 Firmware
Siemens Siplus Net Cp 1242-7 V2
All of
Siemens Siplus Net Cp 443-1 Firmware<3.3
Siemens Siplus Net Cp 443-1
All of
Siemens Siplus Net Cp 443-1 Advanced Firmware<3.3
Siemens Siplus Net Cp 443-1 Advanced
All of
Siemens Siplus S7-1200 Cp 1243-1 Firmware
Siemens Siplus S7-1200 Cp 1243-1
All of
Siemens Siplus S7-1200 Cp 1243-1 Rail Firmware
Siemens Siplus S7-1200 Cp 1243-1 Rail
All of
Siemens Siplus Tim 1531 Irc Firmware<2.3.6
Siemens Siplus Tim 1531 Irc
All of
Siemens Tim 1531 Irc Firmware<2.3.6
Siemens Tim 1531 Irc

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the severity of CVE-2022-43716?

    The severity of CVE-2022-43716 is high with a CVSS score of 7.5.

  • What software is affected by CVE-2022-43716?

    The SIMATIC CP 1242-7 V2, SIMATIC CP 1243-1, SIMATIC CP 1243-1 DNP3, SIMATIC CP 1243-1 IEC, SIMATIC CP 1243-7 LTE EU, and SIMATIC CP 1243-7 LTE US are affected by CVE-2022-43716.

  • How can I fix CVE-2022-43716?

    To fix CVE-2022-43716, users should apply the necessary security patches or firmware updates provided by Siemens.

  • What is the Common Weakness Enumeration (CWE) of CVE-2022-43716?

    The Common Weakness Enumeration (CWE) of CVE-2022-43716 is 416.

  • Where can I find more information about CVE-2022-43716?

    More information about CVE-2022-43716 can be found in the reference link: [https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf](https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf)

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203