Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). The kernel memory of affected devices is exposed to user-mode via direct memory access (DMA) which could allow a local attacker with administrative privileges to execute arbitrary code on the host system without any restrictions.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
访问控制不恰当
Vulnerability Title
Siemens SIMATIC 多款产品访问控制错误漏洞
Vulnerability Description
Siemens SIMATIC是德国西门子(Siemens)公司的一款组态软件。 Siemens SIMATIC CP 1604, SIMATIC CP 1616, SIMATIC CP 1623, SIMATIC CP 1626, SIMATIC CP 1628 存在访问控制错误漏洞,该漏洞源于受影响设备的内核内存通过直接内存访问 (DMA) 暴露在用户模式下,这可能允许具有管理权限的本地攻击者在主机系统上不受任何限制地执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A