What is CVE-2023-48364?

CVE-2023-48364 is a medium-severity vulnerability in Siemens Openpcs 7 V9.1, classified under NULL Pointer Dereference. CVSS score: 6.5/10. Published 2024-02-13.

How severe is CVE-2023-48364?

Medium severity. CVSS v3 base score is 6.5 out of 10.

NULL pointer dereference in Siemens Openpcs 7 V9.1

CVE-2023-48364

A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2…

EPSS: 0.001 (22.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C.

Affected products

Siemens Openpcs 7 V9.1 — versions All versions < V9.1 SP2 UC05
Siemens Simatic Batch V9.1 — versions All versions < V9.1 SP2 UC05
Siemens Simatic Pcs 7 V9.1 — versions 0
Siemens Simatic Route Control V9.1 — versions All versions < V9.1 SP2 UC05
Siemens Simatic Wincc Runtime Professional V18 — versions 0
Siemens Simatic Wincc Runtime Professional V19 — versions 0
Siemens Simatic Wincc V7.4 — versions 0
Siemens Simatic Wincc V7.5 — versions 0
Siemens Simatic Wincc V8.0 — versions 0

Weakness classification (CWE)

CWE-476 — NULL Pointer Dereference

References

cert-portal.siemens.com/productcert/html/ssa-753746.html

Frequently asked questions

What is CVE-2023-48364?: CVE-2023-48364 is a medium-severity vulnerability in Siemens Openpcs 7 V9.1, classified under NULL Pointer Dereference. CVSS score: 6.5/10. Published 2024-02-13.
How severe is CVE-2023-48364?: Medium severity. CVSS v3 base score is 6.5 out of 10.