OPC UA C++ Stack Integer Overflow DaS - CVE-2023-28831
CVE-2023-28831 Published on September 12, 2023

The OPC UA implementations (ANSI C and C++) in affected products contain an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.

NVD

Weakness Type

Integer Overflow or Wraparound

The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control. An integer overflow or wraparound occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may wrap to become a very small or negative number. While this may be intended behavior in circumstances that rely on wrapping, it can have security consequences if the wrap is unexpected. This is especially the case if the integer overflow can be triggered using user-supplied inputs. This becomes security-critical when the result is used to control looping, make a security decision, or determine the offset or size in behaviors such as memory allocation, copying, concatenation, etc.


Products Associated with CVE-2023-28831

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-28831 are published in these products:

 
 
 
 
 

Affected Versions

Siemens SIMATIC BRAUMAT: Siemens SIMATIC Cloud Connect 7 CC712: Siemens SIMATIC Cloud Connect 7 CC716: Siemens SIMATIC Comfort/Mobile RT: Siemens SIMATIC Drive Controller CPU 1504D TF: Siemens SIMATIC Drive Controller CPU 1504D TF: Siemens SIMATIC Drive Controller CPU 1507D TF: Siemens SIMATIC Drive Controller CPU 1507D TF: Siemens SIMATIC ET 200SP CPU 1510SP F-1 PN: Siemens SIMATIC ET 200SP CPU 1510SP F-1 PN: Siemens SIMATIC ET 200SP CPU 1510SP-1 PN: Siemens SIMATIC ET 200SP CPU 1510SP-1 PN: Siemens SIMATIC ET 200SP CPU 1512SP F-1 PN: Siemens SIMATIC ET 200SP CPU 1512SP F-1 PN: Siemens SIMATIC ET 200SP CPU 1512SP-1 PN: Siemens SIMATIC ET 200SP CPU 1512SP-1 PN: Siemens SIMATIC ET 200SP CPU 1514SP F-2 PN: Siemens SIMATIC ET 200SP CPU 1514SP-2 PN: Siemens SIMATIC ET 200SP CPU 1514SPT F-2 PN: Siemens SIMATIC ET 200SP CPU 1514SPT-2 PN: Siemens SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants): Siemens SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants): Siemens SIMATIC IPC DiagMonitor: Siemens SIMATIC NET PC Software V14: Siemens SIMATIC NET PC Software V16: Siemens SIMATIC NET PC Software V17: Siemens SIMATIC NET PC Software V18: Siemens SIMATIC PCS 7 V9.1: Siemens SIMATIC PCS neo V4.0: Siemens SIMATIC S7-1500 CPU 1511-1 PN: Siemens SIMATIC S7-1500 CPU 1511-1 PN: Siemens SIMATIC S7-1500 CPU 1511-1 PN: Siemens SIMATIC S7-1500 CPU 1511C-1 PN: Siemens SIMATIC S7-1500 CPU 1511C-1 PN: Siemens SIMATIC S7-1500 CPU 1511F-1 PN: Siemens SIMATIC S7-1500 CPU 1511F-1 PN: Siemens SIMATIC S7-1500 CPU 1511F-1 PN: Siemens SIMATIC S7-1500 CPU 1511T-1 PN: Siemens SIMATIC S7-1500 CPU 1511T-1 PN: Siemens SIMATIC S7-1500 CPU 1511TF-1 PN: Siemens SIMATIC S7-1500 CPU 1511TF-1 PN: Siemens SIMATIC S7-1500 CPU 1512C-1 PN: Siemens SIMATIC S7-1500 CPU 1512C-1 PN: Siemens SIMATIC S7-1500 CPU 1513-1 PN: Siemens SIMATIC S7-1500 CPU 1513-1 PN: Siemens SIMATIC S7-1500 CPU 1513-1 PN: Siemens SIMATIC S7-1500 CPU 1513F-1 PN: Siemens SIMATIC S7-1500 CPU 1513F-1 PN: Siemens SIMATIC S7-1500 CPU 1513F-1 PN: Siemens SIMATIC S7-1500 CPU 1515-2 PN: Siemens SIMATIC S7-1500 CPU 1515-2 PN: Siemens SIMATIC S7-1500 CPU 1515-2 PN: Siemens SIMATIC S7-1500 CPU 1515F-2 PN: Siemens SIMATIC S7-1500 CPU 1515F-2 PN: Siemens SIMATIC S7-1500 CPU 1515F-2 PN: Siemens SIMATIC S7-1500 CPU 1515T-2 PN: Siemens SIMATIC S7-1500 CPU 1515T-2 PN: Siemens SIMATIC S7-1500 CPU 1515TF-2 PN: Siemens SIMATIC S7-1500 CPU 1515TF-2 PN: Siemens SIMATIC S7-1500 CPU 1516-3 PN/DP: Siemens SIMATIC S7-1500 CPU 1516-3 PN/DP: Siemens SIMATIC S7-1500 CPU 1516-3 PN/DP: Siemens SIMATIC S7-1500 CPU 1516F-3 PN/DP: Siemens SIMATIC S7-1500 CPU 1516F-3 PN/DP: Siemens SIMATIC S7-1500 CPU 1516F-3 PN/DP: Siemens SIMATIC S7-1500 CPU 1516T-3 PN/DP: Siemens SIMATIC S7-1500 CPU 1516TF-3 PN/DP: Siemens SIMATIC S7-1500 CPU 1517-3 PN/DP: Siemens SIMATIC S7-1500 CPU 1517F-3 PN/DP: Siemens SIMATIC S7-1500 CPU 1517T-3 PN/DP: Siemens SIMATIC S7-1500 CPU 1517TF-3 PN/DP: Siemens SIMATIC S7-1500 CPU 1518-4 PN/DP: Siemens SIMATIC S7-1500 CPU 1518-4 PN/DP MFP: Siemens SIMATIC S7-1500 CPU 1518F-4 PN/DP: Siemens SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP: Siemens SIMATIC S7-1500 CPU 1518T-4 PN/DP: Siemens SIMATIC S7-1500 CPU 1518TF-4 PN/DP: Siemens SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK: Siemens SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK: Siemens SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN: Siemens SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN: Siemens SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN: Siemens SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN: Siemens SIMATIC S7-1500 Software Controller V2: Siemens SIMATIC S7-1500 Software Controller V3: Siemens SIMATIC S7-PLCSIM Advanced: Siemens SIMATIC SISTAR: Siemens SIMATIC WinCC OA V3.17: Siemens SIMATIC WinCC OA V3.18: Siemens SIMATIC WinCC OA V3.19: Siemens SIMATIC WinCC OPC UA Client: Siemens SIMATIC WinCC Runtime Professional V16: Siemens SIMATIC WinCC Runtime Professional V17: Siemens SIMATIC WinCC Runtime Professional V18: Siemens SIMATIC WinCC Runtime Professional V19: Siemens SIMATIC WinCC Unified OPC UA Server: Siemens SIMATIC WinCC V7.4: Siemens SIMATIC WinCC V7.5: Siemens SIMATIC WinCC V8.0: Siemens SINUMERIK MC: Siemens SINUMERIK ONE: Siemens SIPLUS ET 200SP CPU 1510SP F-1 PN: Siemens SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL: Siemens SIPLUS ET 200SP CPU 1510SP-1 PN: Siemens SIPLUS ET 200SP CPU 1510SP-1 PN: Siemens SIPLUS ET 200SP CPU 1510SP-1 PN RAIL: Siemens SIPLUS ET 200SP CPU 1510SP-1 PN RAIL: Siemens SIPLUS ET 200SP CPU 1512SP F-1 PN: Siemens SIPLUS ET 200SP CPU 1512SP F-1 PN: Siemens SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL: Siemens SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL: Siemens SIPLUS ET 200SP CPU 1512SP-1 PN: Siemens SIPLUS ET 200SP CPU 1512SP-1 PN: Siemens SIPLUS ET 200SP CPU 1512SP-1 PN RAIL: Siemens SIPLUS ET 200SP CPU 1512SP-1 PN RAIL: Siemens SIPLUS S7-1500 CPU 1511-1 PN: Siemens SIPLUS S7-1500 CPU 1511-1 PN: Siemens SIPLUS S7-1500 CPU 1511-1 PN: Siemens SIPLUS S7-1500 CPU 1511-1 PN: Siemens SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL: Siemens SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL: Siemens SIPLUS S7-1500 CPU 1511-1 PN TX RAIL: Siemens SIPLUS S7-1500 CPU 1511-1 PN TX RAIL: Siemens SIPLUS S7-1500 CPU 1511F-1 PN: Siemens SIPLUS S7-1500 CPU 1511F-1 PN: Siemens SIPLUS S7-1500 CPU 1513-1 PN: Siemens SIPLUS S7-1500 CPU 1513-1 PN: Siemens SIPLUS S7-1500 CPU 1513-1 PN: Siemens SIPLUS S7-1500 CPU 1513-1 PN: Siemens SIPLUS S7-1500 CPU 1513F-1 PN: Siemens SIPLUS S7-1500 CPU 1513F-1 PN: Siemens SIPLUS S7-1500 CPU 1515F-2 PN: Siemens SIPLUS S7-1500 CPU 1515F-2 PN: Siemens SIPLUS S7-1500 CPU 1515F-2 PN RAIL: Siemens SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL: Siemens SIPLUS S7-1500 CPU 1516-3 PN/DP: Siemens SIPLUS S7-1500 CPU 1516-3 PN/DP: Siemens SIPLUS S7-1500 CPU 1516-3 PN/DP: Siemens SIPLUS S7-1500 CPU 1516-3 PN/DP: Siemens SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL: Siemens SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL: Siemens SIPLUS S7-1500 CPU 1516F-3 PN/DP: Siemens SIPLUS S7-1500 CPU 1516F-3 PN/DP: Siemens SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL: Siemens SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL: Siemens SIPLUS S7-1500 CPU 1518-4 PN/DP: Siemens SIPLUS S7-1500 CPU 1518-4 PN/DP MFP: Siemens SIPLUS S7-1500 CPU 1518F-4 PN/DP:

Exploit Probability

EPSS
0.43%
Percentile
62.00%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.