First published: Tue Dec 12 2023(Updated: )
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle long file names correctly. This could allow an attacker to create a buffer overflow and create a denial of service condition for the device.
Credit: productcert@siemens.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Siemens 6ES7412-2EK07-0AB0 | ||
Siemens 6ES7412-2EK07-0AB0 Firmware | ||
All of | ||
Siemens 6ES7414-3EM07-0AB0 | ||
Siemens 6ES7414-3EM07-0AB0 Firmware | ||
All of | ||
Siemens 6ES7414-3FM07-0AB0 | ||
Siemens 6ES7414-3FM07-0AB0 Firmware | ||
All of | ||
Siemens 6ES7416-3ES07-0AB0 | ||
Siemens 6ES7416-3ES07-0AB0 Firmware | ||
All of | ||
Siemens 6ES7416-3FS07-0AB0 | ||
Siemens 6ES7416-3FS07-0AB0 Firmware | ||
All of | ||
Siemens 6AG1414-3EM07-7AB0 Firmware | ||
Siemens 6AG1414-3EM07-7AB0 Firmware | ||
All of | ||
Siemens 6AG1416-3ES07-7AB0 | ||
Siemens 6AG1416-3ES07-7AB0 Firmware | ||
All of | ||
Any of | ||
Siemens Sinamics S120 | ||
Siemens Sinamics S120 | =4.7 | |
Siemens Sinamics S120 | =4.8 | |
Siemens Sinamics S120 | =4.9 | |
Siemens Sinamics S120 | =5.0 | |
Siemens Sinamics S120 | =5.1-sp1 | |
Siemens Sinamics S120 | =5.1-sp1_hotfix1 | |
Siemens Sinamics S120 | =5.1-sp1_hotfix13 | |
Siemens Sinamics S120 | =5.2 | |
Siemens Sinamics S120 | =5.2-hotfix1 | |
Siemens Sinamics S120 | =5.2-hotfix11 | |
Siemens Sinamics S120 | =5.2-hotfix7 | |
Siemens Sinamics S120 | =5.2-sp3 | |
Siemens Sinamics S120 | =5.2-sp3_hotfix1 | |
Siemens Sinamics S120 | =5.2-sp3_hotfix13 | |
Siemens Sinamics S120 | =5.2-sp3_hotfix6 | |
Siemens Sinamics S120 | =5.2-sp3_hotfix9 | |
Siemens Sinamics S120 Firmware | ||
All of | ||
Siemens SIMATIC PC-Station Plus Firmware | ||
Siemens SIMATIC PC-Station Plus Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The CVE-2022-47375 vulnerability has a high severity level due to its potential impact on system integrity and availability.
To fix CVE-2022-47375, users should apply the latest firmware updates provided by Siemens for the affected products.
CVE-2022-47375 affects various versions of Siemens SIMATIC PC-Station Plus and several models of the SIMATIC S7-400 CPUs.
Yes, CVE-2022-47375 can potentially be exploited remotely, allowing unauthorized access to impacted systems.
The potential impacts of CVE-2022-47375 include unauthorized modification of system configurations and possible downtime of critical systems.