CVE-2022-43723

HIGH

SICAM PAS/PQS < V7.0 or >= 7.0 < V8.06 - DoS

Title source: llm

Description

A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0), SICAM PAS/PQS (All versions >= 7.0 < V8.06). Affected software does not properly validate the input for a certain parameter in the s7ontcp.dll. This could allow an unauthenticated remote attacker to send messages and create a denial of service condition as the application crashes. At the time of assigning the CVE, the affected firmware version of the component has already been superseded by succeeding mainline versions.

References (1)

[Patch, Vendor Advisory] https://cert-portal.siemens.com/productcert/pdf/ssa-849072.pdf

Scores

CVSS v3 7.5

EPSS 0.0111

EPSS Percentile 77.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-20 CWE-1287

Status published

Affected Products (1)

siemens/sicam_pas\/pqs < 8.06

Timeline

Published Dec 13, 2022

Tracked Since Feb 18, 2026