What is CVE-2023-37195?

CVE-2023-37195 is a medium-severity vulnerability in Siemens Simatic Cp 1604, classified under Uncontrolled Resource Consumption. CVSS score: 4.4/10. Published 2023-10-10.

How severe is CVE-2023-37195?

Medium severity. CVSS v3 base score is 4.4 out of 10.

Resource exhaustion in Siemens Simatic Cp 1604

CVE-2023-37195

A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). Affected devices insufficiently control…

Vulnerability class: DoS (Denial of Service)

EPSS: 0.000 (4.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.4 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C.

Affected products

Siemens Simatic Cp 1604 — versions All versions
Siemens Simatic Cp 1616 — versions All versions
Siemens Simatic Cp 1623 — versions All versions
Siemens Simatic Cp 1626 — versions All versions
Siemens Simatic Cp 1628 — versions All versions

Weakness classification (CWE)

CWE-400 — Uncontrolled Resource Consumption

References

cert-portal.siemens.com/productcert/pdf/ssa-784849.pdf

Frequently asked questions

What is CVE-2023-37195?: CVE-2023-37195 is a medium-severity vulnerability in Siemens Simatic Cp 1604, classified under Uncontrolled Resource Consumption. CVSS score: 4.4/10. Published 2023-10-10.
How severe is CVE-2023-37195?: Medium severity. CVSS v3 base score is 4.4 out of 10.