CVE-2023-46156
HIGHCVSS 7.5/10EPSS 1.24%
Last modified
CVE-2023-46156 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A restart is needed to restore normal operations.. EPSS estimates a 1.24% chance of exploitation in the next 30 days.
Description
Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A restart is needed to restore normal operations.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Simatic Drive Controller Cpu 1504d Tf Firmware | < 3.1.0 |
| Siemens | Simatic Drive Controller Cpu 1507d Tf Firmware | < 3.1.0 |
| Siemens | Simatic Et 200sp Open Control 1515sp Pc2 Firmware | All versions |
| Siemens | Simatic S7-1500 Cpu 1510sp F-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1510sp-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1511-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1511c-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1511f-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1511t-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1511tf-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1512c-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1512sp F-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1512sp-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1513-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1513f-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1513r-1 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1514sp F-2 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1514sp-2 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1514spt F-2 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1514spt-2 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1515-2 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1515f-2 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1515r-2 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1515t-2 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1515tf-2 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1516-3 Pn\/Dp Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1516f-3 Pn\/Dp Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1516t-3 Pn\/Dp Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1517-3 Pn\/Dp Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1517f-3 Pn\/Dp Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1517h-3 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1517t-3 Pn\/Dp Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1517tf-3 Pn\/Dp Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1518-4 Pn\/Dp Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1518f-4 Pn\/Dp Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1518hf-4 Pn Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1518t-4 Pn\/Dp Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu 1518tf-4 Pn\/Dp Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu S7-1518-4 Pn\/Dp Odk Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Cpu S7-1518f-4 Pn\/Dp Odk Firmware | < 3.1.0 |
| Siemens | Simatic S7-1500 Et 200pro\ | _cpu_1513pro_f-2_pn_firmware |
| Siemens | Simatic S7-1500 Et 200pro\ | _cpu_1513pro-2_pn_firmware |
| Siemens | Simatic S7-1500 Et 200pro\ | _cpu_1516pro_f-2_pn_firmware |
| Siemens | Simatic S7-1500 Et 200pro\ | cpu_1516pro-2_pn_firmware |
| Siemens | Simatic S7-1500 Software Controller Firmware | All versions |
| Siemens | Simatic S7-Plcsim Advanced Firmware | < 6.0 |
| Siemens | Siplus Et 200sp Cpu 1510sp F-1 Pn Firmware | All versions |
| Siemens | Siplus Et 200sp Cpu 1510sp F-1 Pn Rail Firmware | All versions |
| Siemens | Siplus Et 200sp Cpu 1510sp-1 Pn Firmware | All versions |
| Siemens | Siplus Et 200sp Cpu 1510sp-1 Pn Rail Firmware | All versions |
Showing 50 of 76 affected configurations. See NVD for the full list.
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2023-46156?
Affected devices improperly handle specially crafted packets sent to port 102/tcp.
This could allow an attacker to create a denial of service condition. A restart is needed to restore
normal operations.
How severe is CVE-2023-46156?
CVE-2023-46156 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 1.24% probability of exploitation in the next 30 days.
How do I fix CVE-2023-46156?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2023-46156?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST