CVE-2020-15783
HIGHSIMATIC S7-300 CPU Family, SIMATIC TDC CPU555, and SINUMERIK 840D sl - Denial of Service via Port 102
Title source: llmDescription
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC TDC CPU555 (All versions), SINUMERIK 840D sl (All versions). Sending multiple specially crafted packets to the affected devices could cause a Denial-of-Service on port 102. A cold restart is required to recover the service.
References (1)
Core 1
Core References
Mitigation, Vendor Advisory x_refsource_misc
https://cert-portal.siemens.com/productcert/pdf/ssa-492828.pdf
Scores
CVSS v3
7.5
EPSS
0.0019
EPSS Percentile
40.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-400
Status
published
Products (12)
siemens/simatic_s7-300_cpu_312_firmware
siemens/simatic_s7-300_cpu_314_firmware
siemens/simatic_s7-300_cpu_315-2_dp_firmware
siemens/simatic_s7-300_cpu_315-2_pn_firmware
siemens/simatic_s7-300_cpu_315f-2_dp_firmware
siemens/simatic_s7-300_cpu_315f-2_pn_firmware
siemens/simatic_s7-300_cpu_317-2_dp_firmware
siemens/simatic_s7-300_cpu_317-2_pn_firmware
siemens/simatic_s7-300_cpu_317f-2_dp_firmware
siemens/simatic_s7-300_cpu_317f-2_pn_firmware
... and 2 more
Published
Nov 12, 2020
Tracked Since
Feb 18, 2026