CVE-2022-25622
Published: Apr 12, 2022
Modified: Apr 21, 2025
CVSS v3.1
5.3
Description
The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments.
| Vendor | Product | Versions |
|---|---|---|
Siemens | SIMATIC CFU DIQ | affected 0 - < V2.0.0 |
Siemens | SIMATIC CFU PA | affected 0 - < V2.0.0 |
Siemens | SIMATIC ET 200AL IM 157-1 PN | affected All versions |
Siemens | SIMATIC ET 200MP IM 155-5 PN HF | affected V4.2.0 - < * |
Siemens | SIMATIC ET 200pro IM 154-8 PN/DP CPU | affected All versions < V3.2.19 |
Siemens | SIMATIC ET 200pro IM 154-8F PN/DP CPU | affected All versions < V3.2.19 |
Siemens | SIMATIC ET 200pro IM 154-8FX PN/DP CPU | affected All versions < V3.2.19 |
Siemens | SIMATIC ET 200S IM 151-8 PN/DP CPU | affected All versions < V3.2.19 |
Siemens | SIMATIC ET 200S IM 151-8F PN/DP CPU | affected All versions < V3.2.19 |
Siemens | SIMATIC ET 200SP IM 155-6 MF HF | affected 0 - < * |
Siemens | SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants) | affected All versions |
Siemens | SIMATIC ET 200SP IM 155-6 PN HF | affected V4.2.0 - < * |
Siemens | SIMATIC ET 200SP IM 155-6 PN/2 HF | affected V4.2.0 - < * |
Siemens | SIMATIC ET 200SP IM 155-6 PN/3 HF | affected V4.2.0 - < * |
Siemens | SIMATIC ET200ecoPN, AI 8xRTD/TC, M12-L | affected V5.1.1 - < V5.1.2 |
Siemens | SIMATIC ET200ecoPN, CM 4x IO-Link, M12-L | affected V5.1.1 - < V5.1.2 |
Siemens | SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L | affected V5.1.1 - < V5.1.2 |
Siemens | SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L | affected V5.1.1 - < V5.1.2 |
Siemens | SIMATIC ET200ecoPN, DI 16x24VDC, M12-L | affected V5.1.1 - < V5.1.2 |
Siemens | SIMATIC ET200ecoPN, DI 8x24VDC, M12-L | affected V5.1.1 - < V5.1.2 |
Siemens | SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L | affected V5.1.1 - < V5.1.3 |
Siemens | SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L | affected V5.1.1 - < V5.1.2 |
Siemens | SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L | affected V5.1.1 - < V5.1.2 |
Siemens | SIMATIC PN/MF Coupler | affected All versions |
Siemens | SIMATIC PN/PN Coupler | affected All versions >= 4.2 |
Siemens | SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) | affected All versions < V2.0.0 |
Siemens | SIMATIC S7-300 CPU 314C-2 PN/DP | affected All versions < V3.3.19 |
Siemens | SIMATIC S7-300 CPU 315-2 PN/DP | affected All versions < V3.2.19 |
Siemens | SIMATIC S7-300 CPU 315F-2 PN/DP | affected All versions < V3.2.19 |
Siemens | SIMATIC S7-300 CPU 315T-3 PN/DP | affected All versions < V3.2.19 |
Siemens | SIMATIC S7-300 CPU 317-2 PN/DP | affected All versions < V3.2.19 |
Siemens | SIMATIC S7-300 CPU 317F-2 PN/DP | affected All versions < V3.2.19 |
Siemens | SIMATIC S7-300 CPU 317T-3 PN/DP | affected All versions < V3.2.19 |
Siemens | SIMATIC S7-300 CPU 317TF-3 PN/DP | affected All versions < V3.2.19 |
Siemens | SIMATIC S7-300 CPU 319-3 PN/DP | affected All versions < V3.2.19 |
Siemens | SIMATIC S7-300 CPU 319F-3 PN/DP | affected All versions < V3.2.19 |
Siemens | SIMATIC S7-400 CPU 412-2 PN V7 | affected 0 - < * |
Siemens | SIMATIC S7-400 CPU 414-3 PN/DP V7 | affected 0 - < * |
Siemens | SIMATIC S7-400 CPU 414F-3 PN/DP V7 | affected 0 - < * |
Siemens | SIMATIC S7-400 CPU 416-3 PN/DP V7 | affected 0 - < * |
Siemens | SIMATIC S7-400 CPU 416F-3 PN/DP V7 | affected 0 - < * |
Siemens | SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) | affected 0 - < V6.0.10 |
Siemens | SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) | affected All versions < V10.1.1 |
Siemens | SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) | affected 0 - < V8.2.3 |
Siemens | SIMATIC TDC CP51M1 | affected 0 - < V1.1.10 |
Siemens | SIMATIC TDC CPU555 | affected 0 - < V1.2.1 |
Siemens | SIMATIC WinAC RTX 2010 | affected All versions |
Siemens | SIMATIC WinAC RTX F 2010 | affected All versions |
Siemens | SINAMICS DCM | affected 0 - < V1.5 SP1 |
Siemens | SINAMICS G110M | affected 0 - < V4.7.14 |
Siemens | SINAMICS G115D | affected 0 - < V4.7.14 |
Siemens | SINAMICS G120 (incl. SIPLUS variants) | affected 0 - < V4.7 SP14 |
Siemens | SINAMICS G130 | affected 0 - < V5.2.3.13 |
Siemens | SINAMICS G150 | affected 0 - < V5.2.3.13 |
Siemens | SINAMICS S110 | affected 0 - < * |
Siemens | SINAMICS S120 (incl. SIPLUS variants) | affected 0 - < V5.2 SP3 HF13 |
Siemens | SINAMICS S150 | affected 0 - < V5.2.3.13 |
Siemens | SINAMICS S210 (6SL5...) | affected 0 - < V5.2 SP3 HF18 |
Siemens | SINAMICS V90 | affected 0 - < V1.04.04 |
Siemens | SIPLUS ET 200MP IM 155-5 PN HF | affected V4.2.0 - < * |
Siemens | SIPLUS ET 200MP IM 155-5 PN HF | affected V4.2.0 - < * |
Siemens | SIPLUS ET 200MP IM 155-5 PN HF T1 RAIL | affected V4.2.0 - < * |
Siemens | SIPLUS ET 200S IM 151-8 PN/DP CPU | affected All versions < V3.2.19 |
Siemens | SIPLUS ET 200S IM 151-8F PN/DP CPU | affected All versions < V3.2.19 |
Siemens | SIPLUS ET 200SP IM 155-6 PN HF | affected V4.2.0 - < * |
Siemens | SIPLUS ET 200SP IM 155-6 PN HF | affected V4.2.0 - < * |
Siemens | SIPLUS ET 200SP IM 155-6 PN HF | affected V4.2.0 - < * |
Siemens | SIPLUS ET 200SP IM 155-6 PN HF | affected V4.2.0 - < * |
Siemens | SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL | affected V4.2.0 - < * |
Siemens | SIPLUS ET 200SP IM 155-6 PN HF T1 RAIL | affected V4.2.0 - < * |
Siemens | SIPLUS ET 200SP IM 155-6 PN HF TX RAIL | affected V4.2.0 - < * |
Siemens | SIPLUS HCS4200 CIM4210 | affected All versions |
Siemens | SIPLUS HCS4200 CIM4210C | affected All versions |
Siemens | SIPLUS HCS4300 CIM4310 | affected All versions |
Siemens | SIPLUS NET PN/PN Coupler | affected All versions >= 4.2 |
Siemens | SIPLUS S7-300 CPU 314C-2 PN/DP | affected All versions < V3.3.19 |
Siemens | SIPLUS S7-300 CPU 315-2 PN/DP | affected All versions < V3.2.19 |
Siemens | SIPLUS S7-300 CPU 315F-2 PN/DP | affected All versions < V3.2.19 |
Siemens | SIPLUS S7-300 CPU 317-2 PN/DP | affected All versions < V3.2.19 |
Siemens | SIPLUS S7-300 CPU 317F-2 PN/DP | affected All versions < V3.2.19 |
Siemens | SIPLUS S7-400 CPU 414-3 PN/DP V7 | affected 0 - < * |
Siemens | SIPLUS S7-400 CPU 416-3 PN/DP V7 | affected 0 - < * |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now