What is CVE-2022-47375?

CVE-2022-47375 is a high-severity vulnerability in Siemens Simatic Pc-station Plus, classified under Buffer Access with Incorrect Length Value. CVSS score: 7.5/10. Published 2023-12-12.

How severe is CVE-2022-47375?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Siemens Simatic Pc-station Plus

CVE-2022-47375

A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-4…

EPSS: 0.002 (46.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C.

Affected products

Siemens Simatic Pc-station Plus — versions All versions
Siemens Simatic S7-400 Cpu 412-2 Pn V7 — versions All versions
Siemens Simatic S7-400 Cpu 414-3 Pn/dp V7 — versions All versions
Siemens Simatic S7-400 Cpu 414f-3 Pn/dp V7 — versions All versions
Siemens Simatic S7-400 Cpu 416-3 Pn/dp V7 — versions All versions
Siemens Simatic S7-400 Cpu 416f-3 Pn/dp V7 — versions All versions
Siemens Sinamics S120 (Incl. Siplus Variants) — versions All versions < V5.2 SP3 HF15
Siemens Siplus S7-400 Cpu 414-3 Pn/dp V7 — versions All versions
Siemens Siplus S7-400 Cpu 416-3 Pn/dp V7 — versions All versions

Weakness classification (CWE)

CWE-805 — Buffer Access with Incorrect Length Value

References

cert-portal.siemens.com/productcert/pdf/ssa-892915.pdf

Frequently asked questions

What is CVE-2022-47375?: CVE-2022-47375 is a high-severity vulnerability in Siemens Simatic Pc-station Plus, classified under Buffer Access with Incorrect Length Value. CVSS score: 7.5/10. Published 2023-12-12.
How severe is CVE-2022-47375?: High severity. CVSS v3 base score is 7.5 out of 10.