Vulnerability CVE-2023-29105
Published: 2023-05-09

Description:
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions < V2.1). The affected device is vulnerable to a denial of service while parsing a random (non-JSON) MQTT payload. This could allow an attacker who can manipulate the communication between the MQTT broker and the affected device to cause a denial of service (DoS).

Type:

CWE-544

 (Missing Standardized Error Handling Mechanism)

 References:
https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf
Copyright 2026, cxsecurity.com

 

Back to Top