CVE-2021-44695

high-risk
Published 2022-12-13

Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.

Do I need to act?

-
0.17% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
4
CVSS 4.9/10 Medium
NETWORK / LOW complexity

Affected Products (20)

Simatic S7-1500 Cpu 1508S F Firmware
Simatic S7-1500 Cpu 1510Sp Firmware
Simatic S7-1500 Cpu 1510Sp-1 Firmware
Simatic S7-1500 Cpu 1511-1 Firmware
Simatic S7-1500 Cpu 1511-1 Pn Firmware
Simatic S7-1500 Cpu 1511C Firmware
Simatic S7-1500 Cpu 1511C-1 Firmware
Simatic S7-1500 Cpu 1511F-1 Firmware
Simatic S7-1500 Cpu 1511F-1 Pn Firmware
Simatic S7-1500 Cpu 1511T-1 Firmware
Simatic S7-1500 Cpu 1511Tf-1 Firmware
Simatic S7-1500 Cpu 1512C Firmware
Simatic S7-1500 Cpu 1512C-1 Firmware
Simatic S7-1500 Cpu 1512Sp-1 Firmware
Simatic S7-1500 Cpu 1512Spf-1 Firmware
Simatic S7-1500 Cpu 1513-1 Firmware
Simatic S7-1500 Cpu 1513-1 Pn Firmware
Simatic S7-1500 Cpu 1513F-1 Firmware
Simatic S7-1500 Cpu 1513F-1 Pn Firmware
Simatic S7-1500 Cpu 1513R-1 Firmware

Affected Vendors

Siemens

References (2)

Patch https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf
Patch https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf
51
/ 100
high-risk
Severity 20/34 · Moderate
Exploitability 1/34 · Minimal
Exposure 30/34 · Critical