CVE-2018-13815

CVE-2018-13815

Vendor Siemens Ag
Product SIMATIC S7-1200, SIMATIC S7-1500
Weakness CWE-410
Published December 13, 2018
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6). An attacker could exhaust the available connection pool of an affected device by opening a sufficient number of connections to the device. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit the vulnerability. The vulnerability, if exploited, could cause a Denial-of-Service condition impacting the availability of the system. At the time of advisory publication no public exploitation of this vulnerability was known.

Key dates

02Disclosure timeline

December 13, 2018 CVE published
August 5, 2024 Record updated