← back
CVE-2020-15782

CVE-2020-15782

CVSS 9.8 CRITICALEPSS 5.2%CWE-119
In short

A memory protection bypass vulnerability in multiple Siemens industrial control devices allows unauthenticated attackers on the network to read sensitive data or write malicious code to protected memory areas, potentially taking over critical systems.

Technical detail

CWE-119 (buffer overflow/memory protection weakness) affecting Siemens PLCs and controllers via port 102/tcp. Remote unauthenticated attacker can bypass memory protections through a specific operation sequence, enabling arbitrary code execution or sensitive data disclosure without prior authentication. CVSS 9.8 reflects network accessibility and lack of privilege/user interaction requirements.

Summary generated and translated by AI from the official description.
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.9.2), SIMATIC S7-1500 Software Controller (All versions < V21.9), SIMATIC S7-PLCSIM Advanced (All versions < V4.0), SINAMICS PERFECT HARMONY GH180 Drives (Drives manufactured before 2021-08-13), SINUMERIK MC (All versions < V6.15), SINUMERIK ONE (All versions < V6.15). Affected devices are vulnerable to a memory protection bypass through a specific operation. A remote unauthenticated attacker with network access to port 102/tcp could potentially write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Siemens · SIMATIC Drive Controller familySiemens · SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)Siemens · SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)Siemens · SIMATIC S7-1200 CPU family (incl. SIPLUS variants)Siemens · SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)Siemens · SIMATIC S7-1500 Software ControllerSiemens · SIMATIC S7-PLCSIM AdvancedSiemens · SINAMICS PERFECT HARMONY GH180 DrivesSiemens · SINUMERIK MCSiemens · SINUMERIK ONE

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdfhttps://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdfhttps://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf