CVE-2023-50763

First published: Tue Jun 11 2024(Updated: )

A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). The web server of affected products, if configured to allow the import of PKCS12 containers, could end up in an infinite loop when processing incomplete certificate chains. This could allow an authenticated remote attacker to create a denial of service condition by importing specially crafted PKCS12 containers.

Credit: productcert@siemens.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/references
• agent/weakness
• agent/first-publish-date
• agent/description
• agent/type
• agent/author
• agent/event
• collector/nvd-api
• source/NVD
• agent/severity
• collector/mitre-cve
• source/MITRE
• agent/last-modified-date
• agent/source
• agent/softwarecombine
• agent/tags
• agent/guess-ai
• agent/software-canonical-lookup
• agent/software-canonical-lookup-request
• vendor/siemens
• canonical/siemens simatic cp 1542sp-1
• canonical/siemens simatic cp 1542sp-1 irc
• canonical/siemens simatic cp 1543sp-1
• canonical/siemens siplus et 200sp cp 1542sp-1 irc tx rail
• canonical/siemens siplus et 200sp cp 1543sp-1 isec
• canonical/siemens siplus et 200sp cp 1543sp-1 isec tx rail
• canonical/siemens simatic tim 1531 irc firmware
• canonical/siemens tim 1531 irc