The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| siemens | simatic_cfu_diq_firmware | - | - |
| siemens | simatic_cfu_pa_firmware | - | - |
| siemens | simatic_s7-300_cpu_firmware |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
12
Affected Products
4
References
siemens / simatic_cfu_diq_firmware
| - |
| - |
| siemens | simatic_s7-400h_v6_firmware | - | - |
| siemens | simatic_s7-400_pn\/dp_v7_firmware | - | - |
| siemens | simatic_s7-410_v8_firmware | - | - |
| siemens | simatic_s7-410_v10_firmware | - | - |
| siemens | simatic_s7-1500_cpu_firmware | 2.0.0 | - |
| siemens | simatic_tdc_cp51m1_firmware | - | - |
| siemens | simatic_tdc_cpu555_firmware | - | - |
| siemens | simatic_winac_rtx_firmware | - | - |
| siemens | simit_simulation_platform | - | - |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Exploitability
Impact