Unrated severityNVD Advisory· Published Oct 10, 2023· Updated Sep 19, 2024

CVE-2023-37195

Description

A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). Affected devices insufficiently control continuous mapping of direct memory access (DMA) requests. This could allow local attackers with administrative privileges to cause a denial of service situation on the host. A physical power cycle is required to get the system working again.

Affected products

Siemens Foundation/Cp 1604 Firmwarecpe-rescue
Range: All versions
Siemens Foundation/Cp 1616 Firmwarecpe-rescue
Range: All versions
Siemens/SIMATIC CP 1623v5
Range: All versions
Siemens Foundation/Simatic Cp 1626 Firmwarecpe-rescue
Range: All versions
Siemens/SIMATIC CP 1628v5
Range: All versions

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cert-portal.siemens.com/productcert/pdf/ssa-784849.pdfmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000