All the vulnerabilites related to siemens - cpu_1212c
cve-2020-15782
Vulnerability from cvelistv5
Published
2021-05-28 16:10
Modified
2024-08-04 13:22
Severity ?
Summary
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.9.2), SIMATIC S7-1500 Software Controller (All versions < V21.9), SIMATIC S7-PLCSIM Advanced (All versions < V4.0), SINAMICS PERFECT HARMONY GH180 Drives (Drives manufactured before 2021-08-13), SINUMERIK MC (All versions < V6.15), SINUMERIK ONE (All versions < V6.15). Affected devices are vulnerable to a memory protection bypass through a specific operation. A remote unauthenticated attacker with network access to port 102/tcp could potentially write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks.
References
https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdfx_refsource_MISC
https://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdfx_refsource_MISC
https://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdfx_refsource_MISC
Impacted products
Vendor Product Version
Siemens SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) Version: All versions
Siemens SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) Version: All versions < V21.9
Siemens SIMATIC S7-1200 CPU family (incl. SIPLUS variants) Version: All versions < V4.5.0
Siemens SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) Version: All versions < V2.9.2
Siemens SIMATIC S7-1500 Software Controller Version: All versions < V21.9
Siemens SIMATIC S7-PLCSIM Advanced Version: All versions < V4.0
Siemens SINAMICS PERFECT HARMONY GH180 Drives Version: Drives manufactured before 2021-08-13
Siemens SINUMERIK MC Version: All versions < V6.15
Siemens SINUMERIK ONE Version: All versions < V6.15
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:22:30.758Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC Drive Controller family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.9.2"
            }
          ]
        },
        {
          "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V21.9"
            }
          ]
        },
        {
          "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.5.0"
            }
          ]
        },
        {
          "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.9.2"
            }
          ]
        },
        {
          "product": "SIMATIC S7-1500 Software Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V21.9"
            }
          ]
        },
        {
          "product": "SIMATIC S7-PLCSIM Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.0"
            }
          ]
        },
        {
          "product": "SINAMICS PERFECT HARMONY GH180 Drives",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "Drives manufactured before 2021-08-13"
            }
          ]
        },
        {
          "product": "SINUMERIK MC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.15"
            }
          ]
        },
        {
          "product": "SINUMERIK ONE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.15"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.9.2), SIMATIC S7-1500 Software Controller (All versions \u003c V21.9), SIMATIC S7-PLCSIM Advanced (All versions \u003c V4.0), SINAMICS PERFECT HARMONY GH180 Drives (Drives manufactured before 2021-08-13), SINUMERIK MC (All versions \u003c V6.15), SINUMERIK ONE (All versions \u003c V6.15). Affected devices are vulnerable to a memory protection bypass through a specific operation. A remote unauthenticated attacker with network access to port 102/tcp could potentially write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-14T10:47:06",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2020-15782",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC Drive Controller family",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.9.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V21.9"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.5.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.9.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC S7-1500 Software Controller",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V21.9"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC S7-PLCSIM Advanced",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS PERFECT HARMONY GH180 Drives",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Drives manufactured before 2021-08-13"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINUMERIK MC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V6.15"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINUMERIK ONE",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V6.15"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.9.2), SIMATIC S7-1500 Software Controller (All versions \u003c V21.9), SIMATIC S7-PLCSIM Advanced (All versions \u003c V4.0), SINAMICS PERFECT HARMONY GH180 Drives (Drives manufactured before 2021-08-13), SINUMERIK MC (All versions \u003c V6.15), SINUMERIK ONE (All versions \u003c V6.15). Affected devices are vulnerable to a memory protection bypass through a specific operation. A remote unauthenticated attacker with network access to port 102/tcp could potentially write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2020-15782",
    "datePublished": "2021-05-28T16:10:10",
    "dateReserved": "2020-07-15T00:00:00",
    "dateUpdated": "2024-08-04T13:22:30.758Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-28397
Vulnerability from cvelistv5
Published
2021-08-10 10:35
Modified
2024-08-04 16:33
Severity ?
Summary
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7 PLCSIM Advanced (All versions > V2 < V4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (Version V4.4), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions > V2.5 < V2.9.2), SIMATIC S7-1500 Software Controller (All versions > V2.5 < V21.9), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once.
References
https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdfx_refsource_MISC
Impacted products
Vendor Product Version
Siemens SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) Version: All versions < V21.9
Siemens SIMATIC S7 PLCSIM Advanced Version: All versions > V2 < V4
Siemens SIMATIC S7-1200 CPU family (incl. SIPLUS variants) Version: Version V4.4
Siemens SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) Version: All versions > V2.5 < V2.9.2
Siemens SIMATIC S7-1500 Software Controller Version: All versions > V2.5 < V21.9
Siemens TIM 1531 IRC (incl. SIPLUS NET variants) Version: Version V2.1
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:33:59.119Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC Drive Controller family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.9.2"
            }
          ]
        },
        {
          "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V21.9"
            }
          ]
        },
        {
          "product": "SIMATIC S7 PLCSIM Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V2 \u003c V4"
            }
          ]
        },
        {
          "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "Version V4.4"
            }
          ]
        },
        {
          "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V2.5 \u003c V2.9.2"
            }
          ]
        },
        {
          "product": "SIMATIC S7-1500 Software Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V2.5 \u003c V21.9"
            }
          ]
        },
        {
          "product": "TIM 1531 IRC (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "Version V2.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC S7 PLCSIM Advanced (All versions \u003e V2 \u003c V4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (Version V4.4), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e V2.5 \u003c V2.9.2), SIMATIC S7-1500 Software Controller (All versions \u003e V2.5 \u003c V21.9), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-14T10:47:15",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2020-28397",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC Drive Controller family",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.9.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V21.9"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC S7 PLCSIM Advanced",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V2 \u003c V4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Version V4.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V2.5 \u003c V2.9.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC S7-1500 Software Controller",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V2.5 \u003c V21.9"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "TIM 1531 IRC (incl. SIPLUS NET variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Version V2.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC S7 PLCSIM Advanced (All versions \u003e V2 \u003c V4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (Version V4.4), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e V2.5 \u003c V2.9.2), SIMATIC S7-1500 Software Controller (All versions \u003e V2.5 \u003c V21.9), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-863: Incorrect Authorization"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2020-28397",
    "datePublished": "2021-08-10T10:35:23",
    "dateReserved": "2020-11-10T00:00:00",
    "dateUpdated": "2024-08-04T16:33:59.119Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-37172
Vulnerability from cvelistv5
Published
2021-08-10 10:35
Modified
2024-08-04 01:16
Severity ?
Summary
A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (V4.5.0). Affected devices fail to authenticate against configured passwords when provisioned using TIA Portal V13. This could allow an attacker using TIA Portal V13 or later versions to bypass authentication and download arbitrary programs to the PLC. The vulnerability does not occur when TIA Portal V13 SP1 or any later version was used to provision the device.
References
https://cert-portal.siemens.com/productcert/pdf/ssa-830194.pdfx_refsource_MISC
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T01:16:03.220Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-830194.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "V4.5.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (V4.5.0). Affected devices fail to authenticate against configured passwords when provisioned using TIA Portal V13. This could allow an attacker using TIA Portal V13 or later versions to bypass authentication and download arbitrary programs to the PLC. The vulnerability does not occur when TIA Portal V13 SP1 or any later version was used to provision the device."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "CWE-287: Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-14T10:47:40",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-830194.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-37172",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V4.5.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (V4.5.0). Affected devices fail to authenticate against configured passwords when provisioned using TIA Portal V13. This could allow an attacker using TIA Portal V13 or later versions to bypass authentication and download arbitrary programs to the PLC. The vulnerability does not occur when TIA Portal V13 SP1 or any later version was used to provision the device."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-287: Improper Authentication"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-830194.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-830194.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-37172",
    "datePublished": "2021-08-10T10:35:34",
    "dateReserved": "2021-07-21T00:00:00",
    "dateUpdated": "2024-08-04T01:16:03.220Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2021-08-10 11:15
Modified
2024-11-21 06:14
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (V4.5.0). Affected devices fail to authenticate against configured passwords when provisioned using TIA Portal V13. This could allow an attacker using TIA Portal V13 or later versions to bypass authentication and download arbitrary programs to the PLC. The vulnerability does not occur when TIA Portal V13 SP1 or any later version was used to provision the device.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-830194.pdfPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-830194.pdfPatch, Vendor Advisory
Impacted products
Vendor Product Version
siemens simatic_s7-1200_cpu_firmware 4.5.0
siemens cpu_1211c -
siemens cpu_1212c -
siemens cpu_1212fc -
siemens cpu_1214c -
siemens cpu_1214fc -
siemens cpu_1215c -
siemens cpu_1215fc -
siemens cpu_1217c -
siemens simatic_step_7_\(tia_portal\) *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_firmware:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6394ED6-C200-4673-882B-7FC2A4C89C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1211c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "172D341B-D863-4C24-9B6E-633EBE87C8C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1212c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B475E4F-EE4F-4435-9F0B-8E4FA35377BE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1212fc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1402D624-5AF3-4E25-A2B0-9D9F214EE8FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1214c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F714315-8BEB-4BD3-BE59-C6649A0A105E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1214fc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A988C9F-60DF-4BC5-A890-F03F445DD9BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1215c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C90820D3-3F3E-4DC4-9DCE-A498CC26268D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1215fc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAF22AB6-6DAA-4983-99DB-4F2A2E76856F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1217c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C95F12D-563A-4915-9F26-A461EB4F8FA1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EA4509B-FC68-42FC-9CB6-ED3C3E65E153",
              "versionEndIncluding": "13.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (V4.5.0). Affected devices fail to authenticate against configured passwords when provisioned using TIA Portal V13. This could allow an attacker using TIA Portal V13 or later versions to bypass authentication and download arbitrary programs to the PLC. The vulnerability does not occur when TIA Portal V13 SP1 or any later version was used to provision the device."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en la familia de CPUs SIMATIC S7-1200 (Incluyendo las variantes SIPLUS) (V4.5.0). Los dispositivos afectados no se autentican con las contrase\u00f1as configuradas cuando se aprovisionan con TIA Portal V13. Esto podr\u00eda permitir a un atacante que utilice TIA Portal V13 o versiones posteriores eludir la autenticaci\u00f3n y descargar programas arbitrarios en el PLC. La vulnerabilidad no se produce cuando se utiliza TIA Portal V13 SP1 o cualquier versi\u00f3n posterior para aprovisionar el dispositivo"
    }
  ],
  "id": "CVE-2021-37172",
  "lastModified": "2024-11-21T06:14:47.323",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-08-10T11:15:09.280",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-830194.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-830194.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-08-10 11:15
Modified
2024-11-21 05:22
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7 PLCSIM Advanced (All versions > V2 < V4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (Version V4.4), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions > V2.5 < V2.9.2), SIMATIC S7-1500 Software Controller (All versions > V2.5 < V21.9), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdfPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdfPatch, Vendor Advisory
Impacted products
Vendor Product Version
siemens cpu_1504d_tf_firmware *
siemens cpu_1504d_tf -
siemens cpu_1507d_tf_firmware *
siemens cpu_1507d_tf -
siemens cpu_1515sp_pc2_tf_firmware *
siemens cpu_1515sp_pc2_tf -
siemens simatic_s7_plcsim_advanced_firmware *
siemens simatic_s7_plcsim_advanced -
siemens simatic_s7-1500_software_controller *
siemens tim_1531_irc_firmware 2.1
siemens tim_1531_irc -
siemens cpu_1211c_firmware 4.4
siemens cpu_1211c -
siemens cpu_1212c_firmware 4.4
siemens cpu_1212c -
siemens cpu_1212fc_firmware 4.4
siemens cpu_1212fc -
siemens cpu_1214fc_firmware 4.4
siemens cpu_1214fc -
siemens cpu_1214c_firmware 4.4
siemens cpu_1214c -
siemens cpu_1215fc_firmware 4.4
siemens cpu_1215fc -
siemens cpu_1215c_firmware 4.4
siemens cpu_1215c -
siemens cpu_1217c_firmware 4.4
siemens cpu_1217c -
siemens siplus_cpu_1510sp_f-1pn_firmware *
siemens siplus_cpu_1510sp_f-1pn -
siemens siplus_cpu_1511-1_pn_firmware *
siemens siplus_cpu_1511-1_pn -
siemens siplus_cpu_1511-1_pn_firmware *
siemens siplus_cpu_1511-1_pn -
siemens siplus_cpu_1511f-1_pn_firmware *
siemens siplus_cpu_1511f-1_pn -
siemens siplus_cpu_1512sp-1_pn_firmware *
siemens siplus_cpu_1512sp-1_pn -
siemens siplus_cpu_1512sp_f-1pn_firmware *
siemens siplus_cpu_1512sp_f-1pn -
siemens siplus_cpu_1513-1_pn_firmware *
siemens siplus_cpu_1513-1_pn -
siemens siplus_cpu_1513-1_pn_firmware *
siemens siplus_cpu_1513-1_pn -
siemens siplus_cpu_1513f-1_pn_firmware *
siemens siplus_cpu_1513f-1_pn -
siemens siplus_cpu_1516-3_pn\/dp_firmware *
siemens siplus_cpu_1516-3_pn\/dp -
siemens siplus_cpu_1516-3_pn\/dp_firmware *
siemens siplus_cpu_1516-3_pn\/dp -
siemens siplus_cpu-1516f-3_pn\/dp_firmware *
siemens siplus_cpu-1516f-3_pn\/dp -
siemens siplus_cpu_1518-4_pn\/dp_firmware *
siemens siplus_cpu_1518-4_pn\/dp -
siemens siplus_cpu_1518f-4_pn\/dp_firmware *
siemens siplus_cpu_1518f-4_pn\/dp -
siemens cpu_1510sp-1pn_firmware *
siemens cpu_1510sp-1pn -
siemens cpu1510sp_f-1_firmware *
siemens cpu1510sp_f-1 -
siemens cpu_1511-1pn_firmware *
siemens cpu_1511-1pn -
siemens cpu_1511-1pn_firmware *
siemens cpu_1511-1pn -
siemens cpu_1511c-1_pn_firmware *
siemens cpu_1511c-1_pn -
siemens cpu_1511f-1pn_firmware *
siemens cpu_1511f-1pn -
siemens cpu_1511t-1pn_firmware *
siemens cpu_1511t-1pn -
siemens cpu_1511tf-1pn_firmware *
siemens cpu_1511tf-1pn -
siemens cpu_1512c-1_pn_firmware *
siemens cpu_1512c-1_pn -
siemens cpu_1512sp-1_pn_firmware *
siemens cpu_1512sp-1_pn -
siemens cpu_1512sp_f-1_pn_firmware *
siemens cpu_1512sp_f-1_pn -
siemens cpu_1513-1_pn_firmware *
siemens cpu_1513-1_pn -
siemens cpu_1513f-1_pn_firmware *
siemens cpu_1513f-1_pn -
siemens cpu_1513r-1_pn_firmware *
siemens cpu_1513r-1_pn -
siemens cpu_1513pro_f-2_pn_firmware *
siemens cpu_1513pro_f-2_pn -
siemens cpu_1515-2_firmware *
siemens cpu_1515-2 -
siemens cpu_1515f-2_firmware *
siemens cpu_1515f-2 -
siemens cpu_1515r-2_pn_firmware *
siemens cpu_1515r-2_pn -
siemens cpu_1515t-2_pn_firmware *
siemens cpu_1515t-2_pn -
siemens cpu_1515tf-2_pn_firmware *
siemens cpu_1515tf-2_pn -
siemens cpu_1516pro_f-2_pn_firmware *
siemens cpu_1516pro_f-2_pn -
siemens cpu_1516pro-2_pn_firmware *
siemens cpu_1516pro-2_pn -
siemens cpu_1516-3_firmware *
siemens cpu_1516-3 -
siemens cpu_1516f-3_firmware *
siemens cpu_1516f-3 -
siemens cpu_1516t-3_pn\/dp_firmware *
siemens cpu_1516t-3_pn\/dp -
siemens cpu_1516tf-3_pn\/dp_firmware *
siemens cpu_1516tf-3_pn\/dp -
siemens cpu_1517-3_pn\/dp_firmware *
siemens cpu_1517-3_pn\/dp -
siemens cpu_1517f-3_pn\/dp_firmware *
siemens cpu_1517f-3_pn\/dp -
siemens cpu_1517t-3_pn\/dp_firmware *
siemens cpu_1517t-3_pn\/dp -
siemens cpu_1517tf-3_pn\/dp_firmware *
siemens cpu_1517tf-3_pn\/dp -
siemens cpu_1518-4_pn\/dp_firmware *
siemens cpu_1518-4_pn\/dp -
siemens cpu_1518f-4_pn\/dp_firmware *
siemens cpu_1518f-4_pn\/dp -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1504d_tf_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CA891A-C3C9-4F61-9A8C-B3EF6B6ACCDD",
              "versionEndExcluding": "2.9.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1504d_tf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6150A06A-0EB8-46CC-A118-2E70BF183CFE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1507d_tf_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7608E053-65DC-443C-BB69-13CC4788CBEA",
              "versionEndExcluding": "2.9.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1507d_tf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F33CBC2-330D-4791-9BAB-ECEF3720BBC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1515sp_pc2_tf_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25352E66-1B7E-4FA3-B56D-FED1E5AC1B1A",
              "versionEndExcluding": "21.9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1515sp_pc2_tf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE1F1B14-C5F6-463C-9DD8-70401123683B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7_plcsim_advanced_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A8F8195-DFED-4F42-B7DB-85F0F9A53719",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7_plcsim_advanced:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "442B86FA-A38B-47B4-BAE3-AB413A8DC99C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_s7-1500_software_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D2766CB-A0CE-4552-8ED0-4C4C0732054A",
              "versionEndExcluding": "21.9",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:tim_1531_irc_firmware:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "49EC5FC9-5802-48B6-BDE7-150D80F19A0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D94BEB-BBFB-4258-9835-87DBBB999239",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1211c_firmware:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E64F90D8-87A8-4CF5-85E7-771C3A299B7C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1211c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "172D341B-D863-4C24-9B6E-633EBE87C8C9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1212c_firmware:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "00D2D5DF-1817-474C-A700-03F17465A4A3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1212c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B475E4F-EE4F-4435-9F0B-8E4FA35377BE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1212fc_firmware:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6A4E372-E01C-4D0C-AB6F-4BEF2DEB847C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1212fc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1402D624-5AF3-4E25-A2B0-9D9F214EE8FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1214fc_firmware:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FA5E2C9-7A1D-49DE-A749-C77D56CD3D5A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1214fc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A988C9F-60DF-4BC5-A890-F03F445DD9BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1214c_firmware:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A01D94-2FE7-4A2D-8827-EC419C0C90C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1214c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F714315-8BEB-4BD3-BE59-C6649A0A105E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1215fc_firmware:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7716828B-440F-4BE4-8DD6-28513E89F1E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1215fc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAF22AB6-6DAA-4983-99DB-4F2A2E76856F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1215c_firmware:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F05CEC7-E004-4261-A553-7FB3BFF5A8A8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1215c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C90820D3-3F3E-4DC4-9DCE-A498CC26268D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1217c_firmware:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5893F8F5-24A7-4EBD-85B5-B98443883CEB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1217c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C95F12D-563A-4915-9F26-A461EB4F8FA1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:siplus_cpu_1510sp_f-1pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "10E2C1FE-309C-43EE-B7B7-BD757D9EF688",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:siplus_cpu_1510sp_f-1pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D47104-34D6-4901-BB41-015F393F33E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:siplus_cpu_1511-1_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D89E66-BC93-4BD4-9B93-135600F8D7F6",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:siplus_cpu_1511-1_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6469A423-1EAF-4B51-9083-FB6BF76131C7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:siplus_cpu_1511-1_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D89E66-BC93-4BD4-9B93-135600F8D7F6",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:siplus_cpu_1511-1_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6469A423-1EAF-4B51-9083-FB6BF76131C7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:siplus_cpu_1511f-1_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "236392E7-D009-46FD-99B4-BDEFE6CEACAA",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:siplus_cpu_1511f-1_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3231D8E3-D367-4224-BF9E-D547B99C349D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:siplus_cpu_1512sp-1_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F1EE812-5343-47DC-8C23-C3CFA38D7D8F",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:siplus_cpu_1512sp-1_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B7D3CDB-E783-4B0A-B326-26BB06DD51F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:siplus_cpu_1512sp_f-1pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8296B4FE-4394-4A83-9BC9-EC28B06B7991",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:siplus_cpu_1512sp_f-1pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C37C7DE-C0F9-4CAB-B129-489E720F12A8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:siplus_cpu_1513-1_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CBE2EBD-72DD-40D1-BFA8-AAF578E512F9",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:siplus_cpu_1513-1_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ADE6CA7-7F84-419F-B942-20857402A131",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:siplus_cpu_1513-1_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CBE2EBD-72DD-40D1-BFA8-AAF578E512F9",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:siplus_cpu_1513-1_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ADE6CA7-7F84-419F-B942-20857402A131",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:siplus_cpu_1513f-1_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3175E6AF-D2A6-406B-99CA-10937EAD1BFD",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:siplus_cpu_1513f-1_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3985C16-08DE-463D-B352-454673613BEE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:siplus_cpu_1516-3_pn\\/dp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "949C355A-52AC-4E0B-B721-C4F3FEE1CBBB",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:siplus_cpu_1516-3_pn\\/dp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D41186C9-E730-435C-B9A5-F90ADE4C5CAE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:siplus_cpu_1516-3_pn\\/dp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "949C355A-52AC-4E0B-B721-C4F3FEE1CBBB",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:siplus_cpu_1516-3_pn\\/dp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D41186C9-E730-435C-B9A5-F90ADE4C5CAE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:siplus_cpu-1516f-3_pn\\/dp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0544DDE-6523-4ED1-BC54-D88D31BB141F",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:siplus_cpu-1516f-3_pn\\/dp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E37DBA8-0842-4271-B3AE-FE884E38938A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:siplus_cpu_1518-4_pn\\/dp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "340AA4FB-2EB5-4E4C-BCAA-DB17F47C2B3E",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:siplus_cpu_1518-4_pn\\/dp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E71D86D1-F007-4B89-BBCA-246C387BE6A0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:siplus_cpu_1518f-4_pn\\/dp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9CB34E2-B41A-48AC-B97F-C9F9999CE0FB",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:siplus_cpu_1518f-4_pn\\/dp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DDF7F78-E67A-4D26-8E98-93F0F759D4DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1510sp-1pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB385BA-6824-4B6A-AD06-BE1720D878D0",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1510sp-1pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF05811C-36D7-4C68-8CAD-79A8A370E49B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu1510sp_f-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0F759CF-4B0E-44E2-9FED-62EACD40FA7C",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu1510sp_f-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F93E2391-2433-4D42-B320-38F3EC211514",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1511-1pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98A393E7-C39B-4ABF-B1F1-4811AF861214",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1511-1pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "562DBC23-9FFD-4427-90A5-D8747E3FE9CE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1511-1pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98A393E7-C39B-4ABF-B1F1-4811AF861214",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1511-1pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "562DBC23-9FFD-4427-90A5-D8747E3FE9CE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1511c-1_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDAC86E1-2DE7-441D-805A-65401BEFD9BA",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1511c-1_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3895DBD-B615-449D-9339-D52848B5B416",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1511f-1pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7271B3C5-5D82-4164-8974-56BE34929752",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1511f-1pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A70BDF8-5FDB-4AFE-B598-CB11B11A5839",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1511t-1pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A69A3171-3CB9-4C25-B6D2-D6B9B0884243",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1511t-1pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "935B4436-0896-433F-8D4B-AEAF65055D24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1511tf-1pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BB5F138-14D8-41A3-AAD2-C2327CD044F9",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1511tf-1pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C8E0FD8-5FB7-4230-A7B9-B3B716BB190D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1512c-1_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D58B1C7-F35C-441D-B287-72D86F496977",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1512c-1_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35912967-78E4-46FF-AB85-B4F3B230A149",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1512sp-1_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "018750E9-D640-4799-84E8-F4E8F672B92A",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1512sp-1_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93570D33-912F-4865-961D-0D33FBFC0A8E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1512sp_f-1_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3F670D4-A18A-4CB8-8115-D827225F9336",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1512sp_f-1_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8852B2E6-DC4D-4E77-95CC-9EFDBCD5F699",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1513-1_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BE09034-2A3D-4518-95E7-4EC1F6F147FF",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1513-1_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41D428E7-26E3-4E14-853A-7768F0319C73",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1513f-1_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A14F03B2-2C86-4353-ABF5-18F1AA699128",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1513f-1_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D82ABDB8-835A-4F5E-92D9-9C3665D28D35",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1513r-1_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4649855B-5021-432C-8909-623F703F486D",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1513r-1_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF327DAF-1FF8-4152-840A-1C49FFA30221",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1513pro_f-2_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B4A4FE9-94F8-49BB-AA72-CAC160BF1B8F",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1513pro_f-2_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAF54AEA-EA6B-4C04-99F4-8BE928E53DD7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1515-2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B184D76-82FA-41AB-BD95-01B8CA36BDCB",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1515-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A94CE47C-C9CC-4B40-8898-D13BE7711C17",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1515f-2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30764F4-40F1-4515-9183-AA5DC4BF8986",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1515f-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A69CEB7D-A021-4F03-BDB6-1E43B96E64DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1515r-2_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1106CDD9-B67A-47E0-A646-A266E1D4DCB7",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1515r-2_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "696176E2-37C7-4B45-9A0D-4E7789C00D76",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1515t-2_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D77B4D47-CBFE-46D6-B616-D84CB59F89E6",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1515t-2_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BF7505A-A791-4E71-AFFD-41522E829847",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1515tf-2_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D016E20-8320-4137-972D-0E24A2A7BC2E",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1515tf-2_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04E6BAF1-FE0B-4A74-ACC1-0FE1A7B385AD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1516pro_f-2_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F39B94-7130-4ACF-AF2B-151618F0A342",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1516pro_f-2_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73A9B384-9953-48DE-A694-DA7846F1F1DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1516pro-2_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B3129DE-7633-4CB1-A183-C9722EFFE2AD",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1516pro-2_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB0E08E7-384D-43C4-9416-492B529BFFFB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1516-3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1EC60B9-FAE8-4C62-9688-6DA0340D964E",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1516-3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EE183F6-A7FD-4EE4-958A-7E25E6088443",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1516f-3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73FA056-3900-4B80-8090-881205932E7E",
              "versionEndExcluding": "2.9.2.",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1516f-3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F42FF47-E56D-4CD9-A989-E78D001A13E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1516t-3_pn\\/dp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C83EBB3-5E82-476B-B171-B0816C748A08",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1516t-3_pn\\/dp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03014438-9CD3-4A98-A831-22E393165159",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1516tf-3_pn\\/dp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19BD6ECC-0DB0-4E08-9F52-ED1E04CFBDDE",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1516tf-3_pn\\/dp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A817E11-95D6-42FD-ADA3-CB0422796B5C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1517-3_pn\\/dp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C444654E-A635-4D59-A449-7A81380E5D60",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1517-3_pn\\/dp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "90E06813-3A20-4EE5-92D9-72B1AA966CFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1517f-3_pn\\/dp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "208F9BBB-F06E-4DF5-83D2-87CC52864AF5",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1517f-3_pn\\/dp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4CC39EA-FF0E-412B-B120-04321CFE873D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1517t-3_pn\\/dp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7425D60D-8DAA-4C7C-AA66-0B7D62ACFAAE",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1517t-3_pn\\/dp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41BC7FD0-6AB2-4E93-A021-46C7359BE528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1517tf-3_pn\\/dp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9077FD36-23E0-42BD-98ED-2C9DA009F57D",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1517tf-3_pn\\/dp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3EBEB34-9B3E-4423-82D5-1A412CC84B9B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1518-4_pn\\/dp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4F9D353-9061-496D-BE78-A56E6FFF76C0",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1518-4_pn\\/dp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AE8D939-8B71-443A-A060-597C1BF9BB30",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cpu_1518f-4_pn\\/dp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23BB64D2-93ED-4E31-A10C-B427FC4658BD",
              "versionEndExcluding": "2.9.2",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1518f-4_pn\\/dp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D524AE8-F24C-4A18-AA45-0B6820290211",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC S7 PLCSIM Advanced (All versions \u003e V2 \u003c V4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (Version V4.4), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e V2.5 \u003c V2.9.2), SIMATIC S7-1500 Software Controller (All versions \u003e V2.5 \u003c V21.9), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en la familia de controladores de accionamiento SIMATIC (Todas las versiones anteriores a la versi\u00f3n V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a la versi\u00f3n V21.9), SIMATIC S7 PLCSIM Advanced (Todas las versiones posteriores a V2 y anteriores a V4), familia SIMATIC S7-1200 CPU (incluyendo las variantes SIPLUS) (Version V4.4), familia SIMATIC S7-1500 CPU (incl. CPUs ET200 relacionadas y variantes SIPLUS) (Todas las versiones posteriores a V2.5 y anteriores a V2.9.2), SIMATIC S7-1500 Software Controller (Todas las versiones posteriores a V2.5 y anteriores a V21.9), TIM 1531 IRC (incluyendo las variantes SIPLUS NET) (Version V2.1). Debido a una comprobaci\u00f3n de autorizaci\u00f3n incorrecta en el componente afectado, un atacante podr\u00eda extraer informaci\u00f3n sobre el acceso a las variables del programa del PLC protegidas a trav\u00e9s del puerto 102/tcp de un dispositivo afectado cuando lee varios atributos a la vez"
    }
  ],
  "id": "CVE-2020-28397",
  "lastModified": "2024-11-21T05:22:43.247",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-08-10T11:15:07.423",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-05-28 16:15
Modified
2024-11-21 05:06
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.9.2), SIMATIC S7-1500 Software Controller (All versions < V21.9), SIMATIC S7-PLCSIM Advanced (All versions < V4.0), SINAMICS PERFECT HARMONY GH180 Drives (Drives manufactured before 2021-08-13), SINUMERIK MC (All versions < V6.15), SINUMERIK ONE (All versions < V6.15). Affected devices are vulnerable to a memory protection bypass through a specific operation. A remote unauthenticated attacker with network access to port 102/tcp could potentially write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdfPatch, Vendor Advisory
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdf
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdfPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdf
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf
Impacted products
Vendor Product Version
siemens simatic_driver_controller_firmware *
siemens cpu_1504d_tf -
siemens cpu_1507d_tf -
siemens s7-1200_cpu_firmware *
siemens cpu_1211c -
siemens cpu_1212c -
siemens cpu_1212fc -
siemens cpu_1214c -
siemens cpu_1214fc -
siemens cpu_1215c -
siemens cpu_1215fc -
siemens cpu_1217c -
siemens s7-1500_cpu_firmware *
siemens 6es7510-1dj01-0ab0 -
siemens 6es7510-1sj01-0ab0 -
siemens 6es7511-1ak01-0ab0 -
siemens 6es7511-1ak02-0ab0 -
siemens 6es7511-1ck00-0ab0 -
siemens 6es7511-1ck01-0ab0 -
siemens 6es7511-1fk01-0ab0 -
siemens 6es7511-1fk02-0ab0 -
siemens 6es7511-1tk01-0ab0 -
siemens 6es7511-1uk01-0ab0 -
siemens 6es7512-1ck00-0ab0 -
siemens 6es7512-1ck01-0ab0 -
siemens 6es7512-1dk01-0ab0 -
siemens 6es7512-1sk01-0ab0 -
siemens 6es7513-1al01-0ab0 -
siemens 6es7513-1al02-0ab0 -
siemens 6es7513-1fl01-0ab0 -
siemens 6es7513-1fl02-0ab0 -
siemens 6es7513-1rl00-0ab0 -
siemens 6es7513-2gl00-0ab0 -
siemens 6es7513-2pl00-0ab0 -
siemens 6es7515-2am01-0ab0 -
siemens 6es7515-2am02-0ab0 -
siemens 6es7515-2fm01-0ab0 -
siemens 6es7515-2fm02-0ab0 -
siemens 6es7515-2rm00-0ab0 -
siemens 6es7515-2tm01-0ab0 -
siemens 6es7515-2um01-0ab0 -
siemens 6es7516-2gn00-0ab0 -
siemens 6es7516-2pn00-0ab0 -
siemens 6es7516-3an01-0ab0 -
siemens 6es7516-3an02-0ab0 -
siemens 6es7516-3fn01-0ab0 -
siemens 6es7516-3fn02-0ab0 -
siemens 6es7516-3tn00-0ab0 -
siemens 6es7516-3un00-0ab0 -
siemens 6es7517-3ap00-0ab0 -
siemens 6es7517-3fp00-0ab0 -
siemens 6es7517-3hp00-0ab0 -
siemens 6es7517-3tp00-0ab0 -
siemens 6es7517-3up00-0ab0 -
siemens 6es7518-4ap00-0ab0 -
siemens 6es7518-4ap00-3ab0 -
siemens 6es7518-4fp00-0ab0 -
siemens 6es7518-4fp00-3ab0 -
siemens simatic_s7-1500__software_controller *
siemens simatic_s7-plcsim_advanced *
siemens et_200sp_open_controller_firmware *
siemens cpu_1515sp_pc -
siemens cpu_1515sp_pc2 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_driver_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7B8C5FB-3BF8-4A74-AB58-474D754CFBBA",
              "versionEndExcluding": "2.9.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1504d_tf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6150A06A-0EB8-46CC-A118-2E70BF183CFE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1507d_tf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F33CBC2-330D-4791-9BAB-ECEF3720BBC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:s7-1200_cpu_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6852AC11-6388-4D26-923E-DB8933F05EDC",
              "versionEndExcluding": "4.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1211c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "172D341B-D863-4C24-9B6E-633EBE87C8C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1212c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B475E4F-EE4F-4435-9F0B-8E4FA35377BE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1212fc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1402D624-5AF3-4E25-A2B0-9D9F214EE8FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1214c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F714315-8BEB-4BD3-BE59-C6649A0A105E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1214fc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A988C9F-60DF-4BC5-A890-F03F445DD9BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1215c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C90820D3-3F3E-4DC4-9DCE-A498CC26268D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1215fc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAF22AB6-6DAA-4983-99DB-4F2A2E76856F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1217c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C95F12D-563A-4915-9F26-A461EB4F8FA1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:s7-1500_cpu_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8BEAD8-461A-4832-8BF7-9F2CE8ADB6BC",
              "versionEndExcluding": "2.9.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:6es7510-1dj01-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0645616B-B515-49BE-9C9A-33A0E9E7C108",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7510-1sj01-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D11FF81-01F3-4B07-B57C-8B43DAD3640A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7511-1ak01-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9FFB12A-E3B7-4273-AAAF-0AECB9BB69C0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7511-1ak02-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "25A19AB0-CCC8-4513-8182-68CE66F136F1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7511-1ck00-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED5460A-76CF-4830-AAFB-A10CE7EFD129",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7511-1ck01-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "207FD076-F2B7-4DE5-8390-E135A09DBD26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7511-1fk01-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF0FB5A5-A930-4635-B483-991611967E1E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7511-1fk02-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F039613-55B4-45E9-9E12-9603DF424A6A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7511-1tk01-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA18592B-0624-4C06-AC5E-1336E9E02C11",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7511-1uk01-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3C00821-4873-4B80-ADC5-FED9FFD810DC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7512-1ck00-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E4D7484-F6E9-4A5C-9695-691FC48D602C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7512-1ck01-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE762064-FE24-4A1D-94DA-7411CC701B8A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7512-1dk01-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A1B45F7-14BA-45B5-AE0F-25F4E77CB40E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7512-1sk01-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC5C0BB0-A443-4764-9A9F-828882556665",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7513-1al01-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CC9DB1B-DDAC-4FD2-BB9E-F64941C14E58",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7513-1al02-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C01A87E-E18E-4E83-BCC5-AAE48E177B96",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7513-1fl01-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5426F764-765B-4E80-86D5-A86EF95A53F6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7513-1fl02-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F16BF979-9B89-42C9-8B5D-2A9F5E76F10E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7513-1rl00-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7FC9267-B12D-4E13-BEB5-7D61989C1047",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7513-2gl00-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E3A8F5-7BC8-43C5-84D9-00DCEB4D4E05",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7513-2pl00-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAA520E3-A01E-441C-95B3-B3481C4405C4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7515-2am01-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBFB9E73-59C8-4E05-ABDD-335315EE37CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7515-2am02-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "225036D8-E501-4069-9D30-C243AE79CA2B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7515-2fm01-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69F4097E-27F4-43EB-81E7-BD497477396F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7515-2fm02-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF247FF5-E912-44E1-8D0A-781912797783",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7515-2rm00-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B707B729-AEF1-446D-9E85-5504BF098635",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7515-2tm01-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DD88AAE-1926-47AA-9071-E657053D9A91",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7515-2um01-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C71F8606-63FC-4BC6-830C-1FF19B30110A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7516-2gn00-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEA0DD75-F6B4-41A7-A9AA-03FAFAA38B16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7516-2pn00-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CBB9517-4F18-4CB9-B7F3-4D30D6E9DCE2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7516-3an01-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56C07F7B-5042-44BA-B5F3-438A60A776D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7516-3an02-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D2412B1-8ADC-48AC-85CF-BAE6E3674B29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7516-3fn01-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6F8F1FC-3F9A-48B0-A6EE-9AB66AB4A1E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7516-3fn02-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC0DCCCE-1348-48FC-BD48-0D23F4A8A69D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7516-3tn00-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E728548F-2F18-4BF4-8A32-83CBAE2D5A12",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7516-3un00-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE4AEE6E-03BA-4302-9D77-FC3102A216E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7517-3ap00-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C49DB60C-69FB-4251-9185-02CABCB66E86",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7517-3fp00-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5628EB18-2D21-40F2-ACCC-65EF5D9A5BB3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7517-3hp00-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E341A3B-D0F6-49EC-AE13-CC2D0DA6AF15",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7517-3tp00-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD084757-FD90-45BA-96D2-F885741EE205",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7517-3up00-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A49F3BE-3391-423F-9EBC-5DAEB1A33C06",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7518-4ap00-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A40D89C7-A781-407A-B675-507E3211EB38",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7518-4ap00-3ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91BAF17B-E442-48E2-8484-547CB4375213",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7518-4fp00-0ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F17DE4F0-A475-4F08-99A5-36744978FEB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6es7518-4fp00-3ab0:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC059287-41DD-4926-A17A-ED256541AD28",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_s7-1500__software_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6745F8B-D98C-4410-AB01-CE6EE3DDCB4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E58BF80D-955E-44DE-B376-FC632C197390",
              "versionEndExcluding": "4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:et_200sp_open_controller_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EA915A3-BC37-4907-8207-AD3B2E4C488F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1515sp_pc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F01ED37-3930-48BD-B911-388775A1715A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:cpu_1515sp_pc2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "02DE6F0F-C1FD-4007-AFA4-12F79C8DF1EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions \u003c V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.9.2), SIMATIC S7-1500 Software Controller (All versions \u003c V21.9), SIMATIC S7-PLCSIM Advanced (All versions \u003c V4.0), SINAMICS PERFECT HARMONY GH180 Drives (Drives manufactured before 2021-08-13), SINUMERIK MC (All versions \u003c V6.15), SINUMERIK ONE (All versions \u003c V6.15). Affected devices are vulnerable to a memory protection bypass through a specific operation. A remote unauthenticated attacker with network access to port 102/tcp could potentially write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en la familia SIMATIC Drive Controller (Todas las versiones anteriores a la versi\u00f3n V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incluyendo las variantes SIPLUS) (Todas las versiones), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a la versi\u00f3n V21.9), familia SIMATIC S7-1200 CPU (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a la versi\u00f3n V4.5.0), familia SIMATIC S7-1500 CPU (incluyendo CPU ET200 relacionadas y variantes SIPLUS) (Todas las versiones anteriores a la versi\u00f3n V2.9.2), SIMATIC S7-1500 Software Controller (Todas las versiones anteriores a la versi\u00f3n V21.9), SIMATIC S7-PLCSIM Advanced (Todas las versiones anteriores a la versi\u00f3n V4.0), SINAMICS PERFECT HARMONY GH180 Drives (Unidades fabricadas antes de 2021-08-13), SINUMERIK MC (Todas las versiones anteriores a la versi\u00f3n V6.15), SINUMERIK ONE (Todas las versiones anteriores a la versi\u00f3n V6.15). Los dispositivos afectados son vulnerables a una omisi\u00f3n de protecci\u00f3n de la memoria mediante una operaci\u00f3n espec\u00edfica. Un atacante remoto no autenticado con acceso de red al puerto 102/tcp podr\u00eda potencialmente escribir datos y c\u00f3digo arbitrario en \u00e1reas de memoria protegidas o leer datos confidenciales para iniciar m\u00e1s ataques"
    }
  ],
  "id": "CVE-2020-15782",
  "lastModified": "2024-11-21T05:06:10.140",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-28T16:15:07.790",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    }
  ]
}