CVE-2023-30756: Null Pointer Dereference
First published: Tue Sep 10 2024(Updated: )
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-7 LTE (All versions < V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). The web server of the affected devices do not properly handle certain errors when using the Expect HTTP request header, resulting in NULL dereference. This could allow a remote attacker with no privileges to cause a denial of service condition in the system.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens SIMATIC NET CP 1242-7 | <3.5.20 | |
| Siemens Simatic Net CP 1243-1 | <3.5.20 | |
| Siemens Simatic Net CP 1243-1 | <3.5.20 | |
| siemens simatic cp 1243-1 | <3.5.20 | |
| Siemens SIMATIC CP 1243-7 LTE EU Firmware | <3.5.20 | |
| Siemens Simatic Net CP 1243-8 IRC Firmware | <3.5.20 | |
| Siemens SIMATIC HMI Comfort Panel | ||
| Siemens SIMATIC IPC DiagBase Firmware | ||
| siemens SIMATIC IPC DiagMonitor firmware | ||
| Siemens SIMATIC WinCC Runtime Advanced | ||
| Siemens Simatic TIM 1531 IRC Firmware | <2.4.8 | |
| Siemens TIM 1531 IRC Firmware | <2.4.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-30756?
The severity of CVE-2023-30756 is classified as high.
How do I fix CVE-2023-30756?
To fix CVE-2023-30756, update to Siemens SIMATIC CP firmwares version 3.5.20 or later.
Which products are affected by CVE-2023-30756?
CVE-2023-30756 affects Siemens SIMATIC CP 1242-7, CP 1243-1, CP 1243-1 DNP3, CP 1243-1 IEC, and several other variants before version 3.5.20.
Can I run affected devices on older firmware versions after CVE-2023-30756?
Running affected devices on older firmware versions after CVE-2023-30756 is not recommended due to the security vulnerabilities.
Is CVE-2023-30756 actively being exploited?
As of now, there are no indications that CVE-2023-30756 is actively being exploited in the wild.
- agent/references
- agent/weakness
- agent/type
- agent/description
- agent/first-publish-date
- agent/severity
- agent/author
- agent/event
- collector/nvd-api
- source/NVD
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/siemens
- canonical/siemens simatic net cp 1242-7
- canonical/siemens simatic net cp 1243-1
- canonical/siemens simatic cp 1243-1
- canonical/siemens simatic cp 1243-7 lte eu firmware
- canonical/siemens simatic net cp 1243-8 irc firmware
- canonical/siemens simatic hmi comfort panel
- canonical/siemens simatic ipc diagbase firmware
- canonical/siemens simatic ipc diagmonitor firmware
- canonical/siemens simatic wincc runtime advanced
- canonical/siemens simatic tim 1531 irc firmware
- canonical/siemens tim 1531 irc firmware