CVE-2023-32736 | Siemens SIMATIC S7-PLCSIM deserialization (ssa-871035)

A vulnerability, which was classified as critical, has been found in Siemens SIMATIC S7-PLCSIM, SIMATIC STEP 7 Safety, SIMATIC STEP 7 Safety, SIMATIC STEP 7, SIMATIC WinCC Unified, SIMATIC WinCC, SIMOCODE ES, SIMOTION SCOUT TIA, SINAMICS Startdrive, SIRIUS Safety ES, SIRIUS Soft Starter ES and TIA Portal Cloud. Affected by this issue is some unknown functionality. The manipulation leads to deserialization.

This vulnerability is handled as CVE-2023-32736. Attacking locally is a requirement. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-32736 | Siemens SIMATIC S7-PLCSIM deserialization (ssa-871035)

Related Posts

CVE-2024-30220 | PLANEX MZK-MF300N Request command injection

CVE-2024-10071 | ESAFENET CDG 5 EncryptPolicyService.java actionUpdateEncryptPolicyEdit encryptPolicyId sql injection

CVE-2024-26898 | Linux Kernel up to 6.8.1 aoecmd_cfg_pkts use after free

CVE-2024-8131 | D-Link DNS-1550-04 up to 20240814 HTTP POST Request /cgi-bin/apkg_mgr.cgi module_enable_disable f_module_name command injection (SAP10383)