Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-52891

CVSS 5.3 · Medium EPSS 0.12% · P30
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-52891

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.5), SIMATIC Energy Manager PRO (All versions < V7.5), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMIT V10 (All versions), SIMIT V11 (All versions < V11.1). Unified Automation .NET based OPC UA Server SDK before 3.2.2 used in Siemens products are affected by a similar vulnerability as documented in CVE-2023-27321 for the OPC Foundation UA .NET Standard implementation. A successful attack may lead to high load situation and memory exhaustion, and may block the server.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
CWE-1325
Source: NVD (National Vulnerability Database)
Vulnerability Title
Siemens 多款产品安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens SIMATIC是德国西门子(Siemens)公司的一款组态软件。 Siemens 多款产品存在安全漏洞,该漏洞源于攻击者利用该漏洞可能会导致高负载情况和内存耗尽。以下产品及版本受到影响:Siemens SIMATIC Energy Manager Basic V7.5 版本之前, SIMATIC Energy Manager PRO V7.5 版本之前, SIMATIC IPC DiagBase, SIMATIC IPC DiagMonitor, SIMIT V10, SIMIT V11
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
SiemensSIMATIC Energy Manager Basic 0 ~ V7.5 -
SiemensSIMATIC Energy Manager PRO 0 ~ V7.5 -
SiemensSIMATIC IPC DiagBase 0 ~ * -
SiemensSIMATIC IPC DiagMonitor 0 ~ * -
SiemensSIMIT V10 0 ~ * -
SiemensSIMIT V11 0 ~ V11.1 -

II. Public POCs for CVE-2023-52891

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2023-52891

登录查看更多情报信息。

Same Patch Batch · Siemens · 2024-07-09 · 33 CVEs total

CVE-2024-398729.6 CRITICALSiemens SINEMA Remote Connect Server 安全漏洞
CVE-2024-395708.8 HIGHSiemens SINEMA Remote Connect Server 命令注入漏洞
CVE-2024-395718.8 HIGHSiemens SINEMA Remote Connect Server 安全漏洞
CVE-2024-396758.8 HIGHSiemens 多款产品安全漏洞
CVE-2024-398658.8 HIGHSiemens SINEMA Remote Connect Server 代码问题漏洞
CVE-2024-398668.8 HIGHSiemens SINEMA Remote Connect 安全漏洞
CVE-2022-451477.8 HIGHSiemens SIMATIC PCS和SIMATIC STEP 代码问题漏洞
CVE-2024-379977.8 HIGHSiemens JT Open Toolkit 安全漏洞
CVE-2024-395677.8 HIGHSiemens SINEMA Remote Connect 命令注入漏洞
CVE-2024-395687.8 HIGHSiemens SINEMA Remote Connect 命令注入漏洞
CVE-2024-336547.8 HIGHSiemens Simcenter Femap 缓冲区错误漏洞
CVE-2024-336537.8 HIGHSiemens Simcenter Femap 缓冲区错误漏洞
CVE-2024-320567.8 HIGHSiemens Simcenter Femap 缓冲区错误漏洞
CVE-2024-398677.6 HIGHSiemens SINEMA Remote Connect 安全漏洞
CVE-2024-398687.6 HIGHSiemens SINEMA Remote Connect Server 安全漏洞
CVE-2024-398737.5 HIGHSiemens SINEMA Remote Connect Server 安全漏洞
CVE-2024-398887.5 HIGHSiemens Mendix 安全漏洞
CVE-2024-398747.5 HIGHSiemens SINEMA Remote Connect 安全漏洞
CVE-2023-522377.5 HIGHSiemens 多款产品信息泄露漏洞
CVE-2024-395696.6 MEDIUMSiemens SINEMA Remote Connect Client 命令注入漏洞

Showing top 20 of 33 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same product: SIMATIC Energy Manager Basic
Same vendor: Siemens
Same weakness: CWE-1325

V. Comments for CVE-2023-52891

No comments yet

Leave a comment