VYPR
← All advisories
Unrated severityNVD Advisory· Published Jul 14, 2020· Updated Aug 4, 2024

CVE-2020-7587

CVE-2020-7587

Description

A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending multiple specially crafted packets to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service.

Affected products

16
  • Siemens/Opcenter Execution Discretev5
    Range: All versions < V3.2
  • Siemens/Opcenter Execution Foundationv5
    Range: All versions < V3.2
  • Siemens/Opcenter Execution Processv5
    Range: All versions < V3.2
  • Siemens/Opcenter Intelligencev5
    Range: All versions < V3.3
  • Siemens Foundation/Opcenter Qualitycpe-rescue
    Range: All versions < V11.3
  • Siemens Foundation/Opcenter RDnLcpe-rescue
    Range: V8.0
  • Siemens/SIMATIC IT LMSv5
    Range: All versions < V2.6
  • Siemens/SIMATIC IT Production Suitev5
    Range: All versions < V8.0
  • Siemens/SIMATIC Notifier Server for Windowsv5
    Range: All versions
  • Siemens Foundation/Simatic Pcs7cpe-rescue
    Range: All versions < V3.0 SP1
  • Siemens Foundation/Simatic Step 7 \(tia Portal\)cpe-rescue2 versions
    All versions < V15.1 Update 5+ 1 more
    • (no CPE)range: All versions < V15.1 Update 5
    • (no CPE)range: All versions < V16 Update 2
  • Siemens Foundation/SIMOCODE EScpe-rescue2 versions
    All versions < V15.1 Update 4+ 1 more
    • (no CPE)range: All versions < V15.1 Update 4
    • (no CPE)range: All versions < V16 Update 1
  • Siemens/Soft Starter ES V15.1v5
    Range: All versions < V15.1 Update 3
  • Siemens/Soft Starter ES V16v5
    Range: All versions < V16 Update 1

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.