What is the severity of CVE-2023-37195?

The severity of CVE-2023-37195 is medium.

Which devices are affected by CVE-2023-37195?

SIMATIC CP 1604, SIMATIC CP 1616, SIMATIC CP 1623, SIMATIC CP 1626, SIMATIC CP 1628 are affected by CVE-2023-37195.

How does CVE-2023-37195 impact affected devices?

CVE-2023-37195 allows insufficient control of continuous mapping of direct memory access (DMA) requests on affected devices.

How can I fix CVE-2023-37195?

Apply the necessary firmware update provided by Siemens to fix CVE-2023-37195.

Where can I find more information about CVE-2023-37195?

You can find more information about CVE-2023-37195 in the Siemens Security Advisory SSA-784849.

Vulnerability/
CVE-2023-37195

medium

4.4

CWE

400

10/10/2023

16/10/2023

CVE-2023-37195

First published: Tue Oct 10 2023(Updated: )

A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). Affected devices insufficiently control continuous mapping of direct memory access (DMA) requests. This could allow local attackers with administrative privileges to cause a denial of service situation on the host. A physical power cycle is required to get the system working again.

Credit: productcert@siemens.com productcert@siemens.com

Affected Software	Affected Version	How to fix
Siemens Simatic Cp 1604 Firmware
Siemens Simatic Cp 1604
Siemens Simatic Cp 1616 Firmware
Siemens Simatic Cp 1616
Siemens Simatic Cp 1623 Firmware
Siemens Simatic Cp 1623
Siemens Simatic Cp 1626 Firmware
Siemens Simatic Cp 1626
Siemens Simatic Cp 1628 Firmware
Siemens Simatic Cp 1628

Never miss a vulnerability like this again

Reference Links

https://cert-portal.siemens.com/productcert/pdf/ssa-784849.pdf

Frequently Asked Questions

What is the severity of CVE-2023-37195?
The severity of CVE-2023-37195 is medium.
Which devices are affected by CVE-2023-37195?
SIMATIC CP 1604, SIMATIC CP 1616, SIMATIC CP 1623, SIMATIC CP 1626, SIMATIC CP 1628 are affected by CVE-2023-37195.
How does CVE-2023-37195 impact affected devices?
CVE-2023-37195 allows insufficient control of continuous mapping of direct memory access (DMA) requests on affected devices.
How can I fix CVE-2023-37195?
Apply the necessary firmware update provided by Siemens to fix CVE-2023-37195.
Where can I find more information about CVE-2023-37195?
You can find more information about CVE-2023-37195 in the Siemens Security Advisory SSA-784849.

agent/author
agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/type
agent/weakness
collector/nvd-api
collector/nvd-index
vendor/siemens
canonical/siemens simatic cp 1604 firmware
canonical/siemens simatic cp 1604
canonical/siemens simatic cp 1616 firmware
canonical/siemens simatic cp 1616
canonical/siemens simatic cp 1623 firmware
canonical/siemens simatic cp 1623
canonical/siemens simatic cp 1626 firmware
canonical/siemens simatic cp 1626
canonical/siemens simatic cp 1628 firmware
canonical/siemens simatic cp 1628

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.