CVE-2023-48363

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Feb 13, 2024

Updated: Jul 9, 2024

CWE ID 476

Summary

CVE-2023-48363 is a vulnerability affecting various Siemens products, including OpenPCS 7 V9.1, SIMATIC BATCH V9.1, SIMATIC PCS 7 V9.1, SIMATIC Route Control V9.1, SIMATIC WinCC Runtime Professional V18 and V19, SIMATIC WinCC V7.4, and SIMATIC WinCC V8.0 (all versions prior to specified updates). The flaw lies in the implementation of the RPC (Remote Procedure Call) communication protocol, which fails to handle certain unstructured RPC messages properly. An attacker can exploit this vulnerability to cause a denial-of-service condition in the RPC server.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tbE5rc
https://www.cve.org/CVERecord?id=CVE-2023-48363
https://nvd.nist.gov/vuln/detail/CVE-2023-48363

Back to Vulnerability Database

CVE-2023-48363

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations