CVE-2023-51440

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 13, 2024
Updated: Dec 16, 2024
CWE ID 940

Summary

CVE-2023-51440 is a recently disclosed vulnerability affecting several Siemens SIMATIC and SIPLUS NET CP 343-1 models: SIMATIC CP 343-1 (6GK7343-1EX30-0XE0), SIMATIC CP 343-1 Lean (6GK7343-1CX10-0XE0), SIPLUS NET CP 343-1 (6AG1343-1EX30-7XE0), and SIPLUS NET CP 343-1 Lean (6AG1343-1CX10-2XE0). The affected products do not properly validate TCP sequence numbers. An unauthenticated remote attacker can exploit this flaw by injecting spoofed TCP RST packets, causing a denial of service condition. This vulnerability poses a significant risk to industrial control systems and requires immediate attention and patching from users.
