CVE-2022-43723

HIGH

SICAM PAS/PQS < V7.0 or >= 7.0 < V8.06 - DoS

Title source: llm

Description

A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0), SICAM PAS/PQS (All versions >= 7.0 < V8.06). Affected software does not properly validate the input for a certain parameter in the s7ontcp.dll. This could allow an unauthenticated remote attacker to send messages and create a denial of service condition as the application crashes. At the time of assigning the CVE, the affected firmware version of the component has already been superseded by succeeding mainline versions.

References (1)

[Patch, Vendor Advisory] https://cert-portal.siemens.com/productcert/pdf/ssa-849072.pdf

Scores

CVSS v3 7.5

EPSS 0.0111

EPSS Percentile 78.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-20 CWE-1287

Status published

Products (1)

siemens/sicam_pas\/pqs 7.0 - 8.06

Published Dec 13, 2022

Tracked Since Feb 18, 2026