CVE-2023-46285

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 12, 2023
Updated: Feb 13, 2024
CWE ID 20

Summary

CVE-2023-46285 is a vulnerability that affects multiple Siemens products, including Opcenter Quality, SIMATIC PCS neo, SINEC NMS, SINUMERIK Integrate RunMyHMI/Automotive, and Totally Integrated Automation Portal (TIA Portal) versions 14 to 18. The vulnerability is related to improper input validation and can be exploited by sending a specially crafted message to 4004/tcp. This could result in a Denial-of-Service state for the affected service. However, the service is automatically restarted after the crash is detected by a watchdog. The severity of this vulnerability is rated as high with a CVSS base score of 7.5 and an exploitability score of 3.9. It poses a potential danger to organizations using these Siemens products as it can lead to service disruption.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-46285 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options