Description
A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA1) (All versions). Affected devices do not properly handle TCP packets with an incorrect structure. This could allow an unauthenticated remote attacker to cause a denial of service condition. To restore normal operations, the network cable of the device needs to be unplugged and re-plugged.
Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | SIMATIC S7-200 SMART CPU CR40 | unknown |
|
||||||
| Siemens | SIMATIC S7-200 SMART CPU CR60 | unknown |
|
||||||
| Siemens | SIMATIC S7-200 SMART CPU SR20 | unknown |
|
||||||
| Siemens | SIMATIC S7-200 SMART CPU SR20 | unknown |
|
||||||
| Siemens | SIMATIC S7-200 SMART CPU SR30 | unknown |
|
||||||
| Siemens | SIMATIC S7-200 SMART CPU SR30 | unknown |
|
||||||
| Siemens | SIMATIC S7-200 SMART CPU SR40 | unknown |
|
||||||
| Siemens | SIMATIC S7-200 SMART CPU SR40 | unknown |
|
||||||
| Siemens | SIMATIC S7-200 SMART CPU SR60 | unknown |
|
||||||
| Siemens | SIMATIC S7-200 SMART CPU SR60 | unknown |
|
||||||
| Siemens | SIMATIC S7-200 SMART CPU ST20 | unknown |
|
||||||
| Siemens | SIMATIC S7-200 SMART CPU ST20 | unknown |
|
||||||
| Siemens | SIMATIC S7-200 SMART CPU ST30 | unknown |
|
||||||
| Siemens | SIMATIC S7-200 SMART CPU ST30 | unknown |
|
||||||
| Siemens | SIMATIC S7-200 SMART CPU ST40 | unknown |
|
||||||
| Siemens | SIMATIC S7-200 SMART CPU ST40 | unknown |
|
||||||
| Siemens | SIMATIC S7-200 SMART CPU ST60 | unknown |
|
||||||
| Siemens | SIMATIC S7-200 SMART CPU ST60 | unknown |
|
No data.
No data.
No data available yet.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-40418 | A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA1) (All versions). Affected devices do not properly handle TCP packets with an incorrect structure. This could allow an unauthenticated remote attacker to cause a denial of service condition. To restore normal operations, the network cable of the device needs to be unplugged and re-plugged. |
References
History
Tue, 10 Sep 2024 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Siemens
Siemens simatic S7-200 Smart Cpu Cr20s Siemens simatic S7-200 Smart Cpu Cr30s Siemens simatic S7-200 Smart Cpu Cr40 Siemens simatic S7-200 Smart Cpu Cr40s Siemens simatic S7-200 Smart Cpu Cr60 Siemens simatic S7-200 Smart Cpu Cr60s Siemens simatic S7-200 Smart Cpu Sr20 Siemens simatic S7-200 Smart Cpu Sr30 Siemens simatic S7-200 Smart Cpu Sr40 Siemens simatic S7-200 Smart Cpu Sr60 Siemens simatic S7-200 Smart Cpu St20 Siemens simatic S7-200 Smart Cpu St30 Siemens simatic S7-200 Smart Cpu St40 Siemens simatic S7-200 Smart Cpu St60 |
|
| CPEs | cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_cr20s:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_cr30s:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_cr40:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_cr40s:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_cr60:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_cr60s:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_sr20:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_sr30:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_sr40:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_sr60:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_st20:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_st30:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_st40:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:simatic_s7-200_smart_cpu_st60:-:*:*:*:*:*:*:* |
|
| Vendors & Products |
Siemens
Siemens simatic S7-200 Smart Cpu Cr20s Siemens simatic S7-200 Smart Cpu Cr30s Siemens simatic S7-200 Smart Cpu Cr40 Siemens simatic S7-200 Smart Cpu Cr40s Siemens simatic S7-200 Smart Cpu Cr60 Siemens simatic S7-200 Smart Cpu Cr60s Siemens simatic S7-200 Smart Cpu Sr20 Siemens simatic S7-200 Smart Cpu Sr30 Siemens simatic S7-200 Smart Cpu Sr40 Siemens simatic S7-200 Smart Cpu Sr60 Siemens simatic S7-200 Smart Cpu St20 Siemens simatic S7-200 Smart Cpu St30 Siemens simatic S7-200 Smart Cpu St40 Siemens simatic S7-200 Smart Cpu St60 |
|
| Metrics |
ssvc
|
Tue, 10 Sep 2024 09:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA1) (All versions). Affected devices do not properly handle TCP packets with an incorrect structure. This could allow an unauthenticated remote attacker to cause a denial of service condition. To restore normal operations, the network cable of the device needs to be unplugged and re-plugged. | |
| Weaknesses | CWE-400 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
Siemens
Subscribe
Simatic S7-200 Smart Cpu Cr20s
Subscribe
Simatic S7-200 Smart Cpu Cr30s
Subscribe
Simatic S7-200 Smart Cpu Cr40
Subscribe
Simatic S7-200 Smart Cpu Cr40s
Subscribe
Simatic S7-200 Smart Cpu Cr60
Subscribe
Simatic S7-200 Smart Cpu Cr60s
Subscribe
Simatic S7-200 Smart Cpu Sr20
Subscribe
Simatic S7-200 Smart Cpu Sr30
Subscribe
Simatic S7-200 Smart Cpu Sr40
Subscribe
Simatic S7-200 Smart Cpu Sr60
Subscribe
Simatic S7-200 Smart Cpu St20
Subscribe
Simatic S7-200 Smart Cpu St30
Subscribe
Simatic S7-200 Smart Cpu St40
Subscribe
Simatic S7-200 Smart Cpu St60
Subscribe
MITRE
Status: PUBLISHED
Assigner: siemens
Published:
Updated: 2024-09-10T14:52:35.401Z
Reserved: 2024-08-14T05:49:17.278Z
Link: CVE-2024-43647
Vulnrichment
Updated: 2024-09-10T14:52:26.897Z
NVD
Status : Deferred
Published: 2024-09-10T10:15:12.650
Modified: 2026-04-15T00:35:42.020
Link: CVE-2024-43647
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses