Vulnerabilites related to siemens - simatic_rf185c_firmware
Vulnerability from fkie_nvd
Published
2021-03-25 15:15
Modified
2024-11-21 06:21
Severity ?
Summary
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "B213E696-A6D9-45E7-B4E4-E4CFE54ECEB8", versionEndExcluding: "1.1.1k", versionStartIncluding: "1.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:freebsd:freebsd:12.2:-:*:*:*:*:*:*", matchCriteriaId: "73D9C08B-8F5B-40C4-A5BD-B00D2E4C012D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:12.2:p1:*:*:*:*:*:*", matchCriteriaId: "62A178A3-6A52-4981-9A27-FB07AD8AF778", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:12.2:p2:*:*:*:*:*:*", matchCriteriaId: "54A487B1-E5CE-4C76-87E8-518D24C5D86D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:cloud_volumes_ontap_mediator:-:*:*:*:*:*:*:*", matchCriteriaId: "280AA828-6FA9-4260-8EC1-019423B966E1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*", matchCriteriaId: "24B8DB06-590A-4008-B0AB-FCD1401C77C6", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", matchCriteriaId: "F1BE6C1F-2565-4E97-92AA-16563E5660A5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", matchCriteriaId: "5735E553-9731-4AAC-BCFF-989377F817B3", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*", matchCriteriaId: "361B791A-D336-4431-8F68-8135BEFFAEA2", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", matchCriteriaId: "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*", matchCriteriaId: "8ADFF451-740F-4DBA-BD23-3881945D3E40", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "4ACF85D6-6B45-43DA-9C01-F0208186F014", versionEndExcluding: "6.0.9", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*", matchCriteriaId: "0AC12300-9051-4C70-9941-9FE5E64B4B30", versionEndIncluding: "8.13.1", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.11.0:*:*:*:*:*:*:*", matchCriteriaId: "657682A0-54D5-4DC6-A98E-8BAF685926C4", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.11.1:*:*:*:*:*:*:*", matchCriteriaId: "8FC5C76C-3474-4B26-8CF0-2DFAFA3D5458", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.12.0:*:*:*:*:*:*:*", matchCriteriaId: "8661D361-71B5-4C41-A818-C89EC551D900", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.12.1:*:*:*:*:*:*:*", matchCriteriaId: "253603DC-2D92-442A-B3A8-A63E14D8A070", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.13.0:*:*:*:*:*:*:*", matchCriteriaId: "8E112CFF-31F9-4D87-9A1B-AE0FCF69615E", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "AC1721B5-9FCD-47C3-8338-E02932CF2C05", versionEndIncluding: "5.17.0", versionStartIncluding: "5.13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:web_gateway:8.2.19:*:*:*:*:*:*:*", matchCriteriaId: "DEA7F1FD-9FAB-4654-98B0-4588EEC8B69A", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:web_gateway:9.2.10:*:*:*:*:*:*:*", matchCriteriaId: "868B2C4B-CE6B-41DA-A373-7D4FA51EFE9F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:web_gateway:10.1.1:*:*:*:*:*:*:*", matchCriteriaId: "550F47A2-3393-481E-BC40-CE606BFA8776", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:web_gateway_cloud_service:8.2.19:*:*:*:*:*:*:*", matchCriteriaId: "43392D27-6C07-41C7-A17F-10C433338CE9", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:web_gateway_cloud_service:9.2.10:*:*:*:*:*:*:*", matchCriteriaId: "8FBF6C4C-195F-49A7-861D-52677D9BE58D", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:web_gateway_cloud_service:10.1.1:*:*:*:*:*:*:*", matchCriteriaId: "90732D53-E802-4E1B-B6C8-B1FDCE7905A4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:checkpoint:quantum_security_management_firmware:r80.40:*:*:*:*:*:*:*", matchCriteriaId: "A98B128A-C58E-48EC-B691-AF73126A0822", vulnerable: true, }, { criteria: "cpe:2.3:o:checkpoint:quantum_security_management_firmware:r81:*:*:*:*:*:*:*", matchCriteriaId: "345B990F-C1C4-440B-804E-0A2882FE7C01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:checkpoint:quantum_security_management:-:*:*:*:*:*:*:*", matchCriteriaId: "08601413-25E2-4977-B67A-C11A9D788EA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:checkpoint:multi-domain_management_firmware:r80.40:*:*:*:*:*:*:*", matchCriteriaId: "EFC067CC-EB90-43F5-9674-089D5C611573", vulnerable: true, }, { criteria: "cpe:2.3:o:checkpoint:multi-domain_management_firmware:r81:*:*:*:*:*:*:*", matchCriteriaId: "80B223A7-1039-445D-ABE1-5E481004D956", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:checkpoint:multi-domain_management:-:*:*:*:*:*:*:*", matchCriteriaId: "1584E1B4-412C-40E2-BF07-4E464692F2AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r80.40:*:*:*:*:*:*:*", matchCriteriaId: "A0002A29-8B42-445D-9EC4-58BC93194241", vulnerable: true, }, { criteria: "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r81:*:*:*:*:*:*:*", matchCriteriaId: "3B0EDB21-9305-4601-AB96-A77BD00F311D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*", matchCriteriaId: "9016DDF6-285C-4E64-88D0-29ECCEF048F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_communications_policy_management:12.6.0.0.0:*:*:*:*:*:*:*", matchCriteriaId: "570DB369-A31B-4108-A7FD-09F674129603", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_for_storage_management:13.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "61516569-C48F-4362-B334-8CA10EDB0EC2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:essbase:21.2:*:*:*:*:*:*:*", matchCriteriaId: "394A16F2-CCD4-44E5-BF6B-E0C782A9FA38", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:graalvm:19.3.5:*:*:*:enterprise:*:*:*", matchCriteriaId: "058C7C4B-D692-49DE-924A-C2725A8162D3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:graalvm:20.3.1.2:*:*:*:enterprise:*:*:*", matchCriteriaId: "0F0434A5-F2A1-4973-917C-A95F2ABE97D1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:graalvm:21.0.0.2:*:*:*:enterprise:*:*:*", matchCriteriaId: "96DD93E0-274E-4C36-99F3-EEF085E57655", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*", matchCriteriaId: "86305E47-33E9-411C-B932-08C395C09982", versionEndExcluding: "9.2.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*", matchCriteriaId: "0B1CAD50-749F-4ADB-A046-BF3585677A58", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*", matchCriteriaId: "A8782A14-89B0-45EE-A5CB-FF715F5BA379", versionEndIncluding: "8.0.23", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", matchCriteriaId: "5C40ECC8-933B-47A4-8082-FCF0EF9C973E", versionEndIncluding: "5.7.33", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", matchCriteriaId: "32714AD7-BCD1-4624-9923-5E6D927CF3CB", versionEndIncluding: "8.0.23", versionStartIncluding: "8.0.15", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*", matchCriteriaId: "CB1A94E1-A6C6-488D-A74C-6C0B24637272", versionEndIncluding: "8.0.23", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", matchCriteriaId: "7E1E416B-920B-49A0-9523-382898C2979D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", matchCriteriaId: "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", matchCriteriaId: "C8AF00C6-B97F-414D-A8DF-057E6BFD8597", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*", matchCriteriaId: "08FA59A8-6A62-4B33-8952-D6E658F8DAC9", versionEndIncluding: "17.12", versionStartIncluding: "17.7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*", matchCriteriaId: "10864586-270E-4ACF-BDCC-ECFCD299305F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*", matchCriteriaId: "38340E3C-C452-4370-86D4-355B6B4E0A06", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*", matchCriteriaId: "E9C55C69-E22E-4B80-9371-5CD821D79FE2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*", matchCriteriaId: "C01E8B82-71C7-4A4A-A70A-7B147524AB4A", versionEndExcluding: "18.1.0.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:secure_global_desktop:5.6:*:*:*:*:*:*:*", matchCriteriaId: "9DA11710-9EA8-49B4-8FD1-3AEE442F6ADC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sonicwall:sma100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6E8B6D50-D482-43E9-A20D-FA77FD59AE2D", versionEndExcluding: "10.2.1.0-17sv", versionStartIncluding: "10.2.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:sonicwall:sma100:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A2B7B-40F5-4AE0-ACC7-E94B82435DBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sonicwall:capture_client:3.5:*:*:*:*:*:*:*", matchCriteriaId: "349EB4AE-65E3-42DC-8F9C-3A1A155324D7", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:7.0.1.0:*:*:*:*:*:*:*", matchCriteriaId: "2BD8688A-2D55-4A7E-A143-1BD0FCF957B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rcm1224_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5081E52B-E7C0-46BD-B1D0-2C70ABCC8831", versionStartIncluding: "6.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rcm1224:-:*:*:*:*:*:*:*", matchCriteriaId: "3747CDD7-E833-4B68-A362-77D6A2E9D888", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_lpe9403_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "058D21EA-E94C-4DDC-AD92-967DAC934457", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_lpe9403:-:*:*:*:*:*:*:*", matchCriteriaId: "52A77C9D-E59C-4397-B834-797D7B334A6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "424CD8EA-D8CB-40C7-8E0F-AC4B05C59C99", versionStartIncluding: "6.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB9921A-5204-40A3-88AB-B7755F5C6875", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s602_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "858B6A84-5D0E-4E23-AE32-A45B51BAC8CF", versionStartIncluding: "4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s602:-:*:*:*:*:*:*:*", matchCriteriaId: "F4D89D82-C2CE-44DC-A05B-B956F20BF4E3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s612_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D173626B-9C50-489F-8BA4-1C45E5F96526", versionStartIncluding: "4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s612:-:*:*:*:*:*:*:*", matchCriteriaId: "CA7B48D2-0D17-420D-AAE1-35E5C0BE2924", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E967F5FC-6F3E-4982-8813-CA1DAF3BE165", versionStartIncluding: "6.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", matchCriteriaId: "E917CBBB-EF41-4113-B0CA-EB91889235E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s623_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81F315D8-0B26-4442-B330-85124017A482", versionStartIncluding: "4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s623:-:*:*:*:*:*:*:*", matchCriteriaId: "F80D9A79-7984-462B-B4B9-6A4429422038", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s627-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F20F735-7A70-4A24-9621-786F99C8F87D", versionStartIncluding: "4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s627-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "B51B40F8-71D2-4D2D-8EC2-CE154A6D7533", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc-600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "973B8030-B630-4D67-B897-25A359A96185", versionStartIncluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc-600:-:*:*:*:*:*:*:*", matchCriteriaId: "725C671B-D7A0-48CF-8A31-5F9C4173F1DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86EA8E3F-81BD-47BC-9834-A9B69CA7E70C", versionStartIncluding: "6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*", matchCriteriaId: "D3033B1E-57A6-4AE3-A861-7047CF8EAD79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w1700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE116AD9-B55F-41C8-8B55-329809DB63E1", versionStartIncluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w1700:-:*:*:*:*:*:*:*", matchCriteriaId: "5D9A73DD-4A21-4096-B4B6-A0A825E71006", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "144CDF5E-7E07-428B-B4DF-C94992B3A44A", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*", matchCriteriaId: "6CB3CC2D-CBF0-4F53-A412-01BBC39E34C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "339FFBDF-6957-481F-84CE-878B5CAAD9C8", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*", matchCriteriaId: "7719E194-EE3D-4CE8-8C85-CF0D82A553AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FBB13D3-4E04-4D01-B880-C16C4FFA240B", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*", matchCriteriaId: "58377C58-F660-4C17-A3CB-BFC2F28848CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm-400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E40058B3-3726-4F6A-AB41-7679487639F2", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm-400:-:*:*:*:*:*:*:*", matchCriteriaId: "798E900F-5EF9-4B39-B8C2-79FAE659E7F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E642D10-E701-44DF-863B-D0DAA5530F50", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*", matchCriteriaId: "8F962FC7-0616-467F-8CCA-ADEA224B5F7B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A53C2B5-A3FD-44CC-A78B-D2124EF37DB4", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*", matchCriteriaId: "434BC9BE-C5DB-4DAF-8E07-DFE4EEA0D7FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr524-8c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "54FBE4D4-F31E-4B61-9216-44C8EC2988AB", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr524-8c:-:*:*:*:*:*:*:*", matchCriteriaId: "B0E6B7D8-3F9E-43D6-AEFE-DEE3993679C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr526-8c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "20511D61-FC1D-453E-BDF6-D3FB9951192A", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr526-8c:-:*:*:*:*:*:*:*", matchCriteriaId: "67661569-6233-4C74-9C72-88BD14B257FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr528-6m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "640AC619-B516-46FC-821B-09C4542A3FD6", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr528-6m:-:*:*:*:*:*:*:*", matchCriteriaId: "3E048C4A-A414-4C87-A865-4D4218AE32EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr552-12_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1FB979DB-731B-4693-A9F8-B11ED953717C", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr552-12:-:*:*:*:*:*:*:*", matchCriteriaId: "09743616-31C9-4E47-8A4A-B15D76204BE7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cloud_connect_7_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "886D2FE6-B054-4E3B-BACB-F08C0A119A80", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_cloud_connect_7_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3B185B70-CAC9-47AC-8639-7A4707C21540", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cloud_connect_7:-:*:*:*:*:*:*:*", matchCriteriaId: "9FA78457-260C-467B-9785-04B3C8EDF3B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1242-7_gprs_v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ABEA3BEE-E7AF-4C9A-ADE4-CE7FC1DB7639", versionStartIncluding: "3.1", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_cp_1242-7_gprs_v2_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "049460B8-6186-44F9-B41F-284A2EC0B3B4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1242-7_gprs_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "205482DA-548C-4757-91F0-1599438873BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_hmi_basic_panels_2nd_generation_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "45208694-635A-42AC-B668-8B67C60568B8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_hmi_basic_panels_2nd_generation:-:*:*:*:*:*:*:*", matchCriteriaId: "7D8F8BCE-35CE-492A-8BFE-2C36EA51CE5C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4C147D9-4649-4289-B18B-55BD6E33521A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*", matchCriteriaId: "F4830E0D-0128-4E5B-AB81-2B238471AE4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "54EFA8B5-8DA1-4547-9E15-BDC265C56006", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CEB200-E38F-4629-9279-5AF065396678", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_mv500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DE4FA1E6-4C5A-4CDC-AD40-E384C0BCA90D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_mv500:-:*:*:*:*:*:*:*", matchCriteriaId: "93A5B50E-0316-4189-8F41-54732CFCF63F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1243-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D254DA1D-C53E-426B-9C69-580CC47CF0AA", versionStartIncluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1243-1:-:*:*:*:*:*:*:*", matchCriteriaId: "65278BA0-3C81-4D81-9801-D7BE3A1D7680", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C06A02ED-0BA3-4A2C-AF0C-689B8AEB34B8", versionStartIncluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp1243-7_lte_eu:-:*:*:*:*:*:*:*", matchCriteriaId: "209C7B1E-10F6-4215-AF69-CC36192E0FCE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp1243-7_lte_us_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CF8C00EE-1154-440C-A223-A2CE99CE3126", versionStartIncluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp1243-7_lte_us:-:*:*:*:*:*:*:*", matchCriteriaId: "171A9543-E677-422F-8AEA-1BC2D0E53593", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DB201DD3-8890-453E-A11E-1E13B3DAB3F9", versionStartIncluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1243-8_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "350FD323-C876-4C7A-A2E7-4B0660C87F6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61E498B1-87FF-454B-8DF0-61D0D3208491", versionStartIncluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1542sp-1_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "C1EE2F10-A7A6-486F-AE5C-53AE25BAF200", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "90FB801F-11B5-438C-98A1-E928BFEA2ADB", versionEndExcluding: "3.0", versionStartIncluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1543-1:-:*:*:*:*:*:*:*", matchCriteriaId: "F56C2BDC-928E-491A-8E7C-F976B3787C7A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8E4BA1E6-64F7-4B96-8302-134057DAB1BE", versionStartIncluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1543sp-1:-:*:*:*:*:*:*:*", matchCriteriaId: "783B50B8-2FB7-4982-88AA-B4F2AD094796", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1545-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1DCA9544-DD17-4F56-B34C-91A3F37154AF", versionStartIncluding: "1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1545-1:-:*:*:*:*:*:*:*", matchCriteriaId: "1256EB4B-DD8A-4F99-AE69-F74E8F789C63", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_pcs_7_telecontrol_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C25165E-EDE9-42F1-A3B9-0E47630D49CC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_pcs_7_telecontrol:-:*:*:*:*:*:*:*", matchCriteriaId: "5BF281FB-26E0-43E4-A2B6-4015661368AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_pcs_neo_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6EEACFC9-41B7-4EE0-9427-692363880326", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_pcs_neo:-:*:*:*:*:*:*:*", matchCriteriaId: "EF3CA343-CA2A-4593-930C-158612CE7A55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_pdm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7E9AE23E-7DAE-4191-BA4E-A7CD655C4BC8", versionStartIncluding: "9.1.0.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_pdm:-:*:*:*:*:*:*:*", matchCriteriaId: "E092B735-42D5-48D5-947B-288C0FA2E180", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_process_historian_opc_ua_server_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D874D636-392A-4750-B976-F411DBCEBA8D", versionStartIncluding: "2019", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_process_historian_opc_ua_server:-:*:*:*:*:*:*:*", matchCriteriaId: "14EC9343-7778-40B0-A74D-5C156FF2A229", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "968FBB4E-5B0B-43D4-B3AD-418028093990", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*", matchCriteriaId: "391AD485-A49D-43D0-AAE5-1F58B38D4E22", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5212F097-B65A-4D73-BB6F-49687F8AD980", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*", matchCriteriaId: "82494B5E-80EE-47ED-B87E-CF8C8907B6FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D806113B-57EB-4AA0-9D5E-12E30337A93B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*", matchCriteriaId: "9B0933EB-82BE-42BB-978B-C9EC2FE1C795", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "53FA50A7-2DF6-454E-8A8E-838C392AB417", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*", matchCriteriaId: "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7F3D41E9-58B3-4251-8710-A8C4A24ABBD3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*", matchCriteriaId: "E21F9909-8D80-40BE-81E0-6ED7FE140A3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC628CB7-0816-4267-9C5D-954BD0233D2E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*", matchCriteriaId: "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "88E64167-16AA-48D7-BCDC-B15D37FA666D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*", matchCriteriaId: "63F05227-208B-42C8-8D56-A5D106CAD32F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1211c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47F1294A-1C26-4D43-9C53-D833F2510536", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1211c:-:*:*:*:*:*:*:*", matchCriteriaId: "3871C0C9-C65E-4E0B-9CA8-75E60066297F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1212c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4AF60081-D534-44F5-972F-23257F16F372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212c:-:*:*:*:*:*:*:*", matchCriteriaId: "07849777-92E7-41D2-9128-F8D20DE15391", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1212fc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AEF1726E-B56F-4D39-AFF4-E79A3CA00DE6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212fc:-:*:*:*:*:*:*:*", matchCriteriaId: "68B3573B-A31E-4489-B2DD-B01B5C1D03CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214_fc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9CC4A9F7-9858-4F95-8097-F8D09DA61314", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214_fc:-:*:*:*:*:*:*:*", matchCriteriaId: "B640800C-9263-4BEA-9DA5-1323932540BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4948734A-0AAD-4D28-B7FF-FFBBB9AA39C6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214c:-:*:*:*:*:*:*:*", matchCriteriaId: "FE17584A-BF7A-48B8-A9CB-477663766C63", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214_fc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9CC4A9F7-9858-4F95-8097-F8D09DA61314", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214_fc:-:*:*:*:*:*:*:*", matchCriteriaId: "B640800C-9263-4BEA-9DA5-1323932540BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1215_fc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6EE37798-B068-40E5-BC03-1D8D303E5926", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215_fc:-:*:*:*:*:*:*:*", matchCriteriaId: "76C7D55C-8D99-4E2F-A254-1BDE2B12A203", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1215c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8E0C491C-5C4A-4F1C-ABD4-9502A54AAA78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215c:-:*:*:*:*:*:*:*", matchCriteriaId: "CC4698CF-F935-4707-BA91-7E3650C7956C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1217c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E7657063-1296-4734-B108-A2FF7A01B07F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1217c:-:*:*:*:*:*:*:*", matchCriteriaId: "232279DE-CF1C-4A3C-886D-B4CE3F104F09", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518-4_pn\\/dp_mfp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8C477CCD-06C7-4907-8B0C-4FCE7F6DADAD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\\/dp_mfp:-:*:*:*:*:*:*:*", matchCriteriaId: "3BC4FA01-8DDB-41E4-B759-7B504F78AEBC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_connect_300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3360ACCE-E735-4E34-B278-0D4460E74CBF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_connect_300:-:*:*:*:*:*:*:*", matchCriteriaId: "7B854F5B-78C7-41FE-9364-5E71B36342A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D2B20D95-C4B3-4D13-A3D8-F22AC42DC059", versionEndExcluding: "2.2", versionStartIncluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "C1D94BEB-BBFB-4258-9835-87DBBB999239", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_logon:*:*:*:*:*:*:*:*", matchCriteriaId: "D6F24E40-F3F0-48F3-B3DC-5F98B0564F7A", versionStartIncluding: "1.6.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_logon:1.5:sp3_update_1:*:*:*:*:*:*", matchCriteriaId: "423359E5-9C36-4C6B-AB24-B030E6C61D53", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*", matchCriteriaId: "79EE15DC-74D3-4551-AAD0-EA0CB600DA76", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_telecontrol:-:*:*:*:*:*:*:*", matchCriteriaId: "F3169FD3-CBA2-417C-95EF-4F8AE9FAB5AD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_nms:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4ED13FC8-63C0-42C6-A51C-C480C45327C2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_nms:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "E68FE047-8F53-46B8-82D4-9342B1C8CA55", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_pni:-:*:*:*:*:*:*:*", matchCriteriaId: "1353DC31-FB12-427A-B1B2-9164A4BEE14B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_server:14.0:-:*:*:*:*:*:*", matchCriteriaId: "B0A5CC25-A323-4D49-8989-5A417D12D646", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_server:14.0:sp1:*:*:*:*:*:*", matchCriteriaId: "A690BCD3-6497-43F7-8A51-E033B9121DC8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_server:14.0:sp2:*:*:*:*:*:*", matchCriteriaId: "AA375D44-ECC5-4BD3-A3D5-6D2AA68782D5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_server:14.0:sp2_update1:*:*:*:*:*:*", matchCriteriaId: "6CD26C73-B61F-424B-91C2-352E2CAE6666", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_server:14.0:sp2_update2:*:*:*:*:*:*", matchCriteriaId: "DB4EA15F-ECA4-477F-948F-490FC90BC66A", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinumerik_opc_ua_server:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA14E65-214C-431D-A49A-D8FC142D4541", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:tia_administrator:*:*:*:*:*:*:*:*", matchCriteriaId: "915B09CB-CA0A-445B-89D3-16AE9B08858E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*", matchCriteriaId: "B0F46497-4AB0-49A7-9453-CC26837BF253", versionEndExcluding: "1.0.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "25A3180B-21AF-4010-9DAB-41ADFD2D8031", versionEndIncluding: "10.12.0", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "43B199B4-D89C-483D-ACAE-6CB2A59EE67C", versionEndIncluding: "10.24.0", versionStartIncluding: "10.13.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "564ED5C8-50D7-413A-B88E-E62B6C07336A", versionEndIncluding: "12.12.0", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "3DEBF7C8-B000-47B9-B597-DC440F2603B3", versionEndExcluding: "12.22.1", versionStartIncluding: "12.13.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "428DCD7B-6F66-4F18-B780-5BD80143D482", versionEndIncluding: "14.14.0", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "380D03F3-6A7E-43A2-B002-FB2521FD3C58", versionEndExcluding: "14.16.1", versionStartIncluding: "14.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "3ED4D313-F372-4CC1-BE11-6BBA2F0E90E3", versionEndExcluding: "15.14.0", versionStartIncluding: "15.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).", }, { lang: "es", value: "Un servidor OpenSSL TLS puede cometer un fallo si un cliente envía un mensaje ClientHello de renegociación diseñado maliciosamente. Si una renegociación de TLSv1.2 ClientHello omite la extensión signature_algorithms (donde estaba presente en el ClientHello inicial), pero incluye una extensión signature_algorithms_cert, se producirá una desreferencia del puntero NULL, lo que conllevará un bloqueo y un ataque de denegación de servicio. Un servidor solo es vulnerable si tiene TLSv1.2 y la renegociación habilitada (que es la configuración predeterminada). Los clientes de OpenSSL TLS no están afectados por este problema. Todas las versiones de OpenSSL versión 1.1.1 están afectadas por este problema. Los usuarios de estas versiones deben actualizar a OpenSSL versión 1.1.1k. OpenSSL versión 1.0.2 no está afectado por este problema. Corregido en OpenSSL versión 1.1.1k (Afectadas versiones 1.1.1-1.1.1j)", }, ], id: "CVE-2021-3449", lastModified: "2024-11-21T06:21:33.050", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-25T15:15:13.450", references: [ { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", }, { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", }, { source: "openssl-security@openssl.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-03", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { source: "openssl-security@openssl.org", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4875", }, { source: "openssl-security@openssl.org", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20210325.txt", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-05", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-06", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-09", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4875", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20210325.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-06", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-09", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-10", }, ], sourceIdentifier: "openssl-security@openssl.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-18 15:35
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected application contains a hidden configuration item to enable debug functionality. This could allow an attacker to gain insight into the internal configuration of the deployment.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-765405.html | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8930F2B-7C37-4059-85FC-0316B631C860", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*", matchCriteriaId: "63F05227-208B-42C8-8D56-A5D106CAD32F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CC216594-D56B-454D-BD2C-50631B8C8F9C", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*", matchCriteriaId: "DD8AD128-F6E2-45BD-9098-EC559D193194", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "11F4F714-F802-4D13-A965-0A22B80DA9D0", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*", matchCriteriaId: "1EA20BB5-024E-4389-A0FE-C218E15D31A8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F61801B9-80FD-45EC-9A20-5C703CB8BE76", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "76F5073F-CAE9-4071-9C86-2B29FB529A49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "058EDB3A-31B8-482F-B825-B0A7E192356E", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "D00C8A81-53EB-425F-A730-AC7505285B73", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "62FC4D21-B225-4349-A8E8-68780CC465D1", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "B3C8FC67-825D-4E55-8341-E449EA98B6AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E84B475-1FB7-4BF1-880B-8DB5137BB941", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "BFAA7370-1B78-4AF8-8358-830460A5E81C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "970B3705-6172-4C00-B402-30A7F23C5A08", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "40D5F6C3-3AC5-40F2-B755-130E24169AB3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7D261FBC-1E4C-4016-AD0E-F234EE36F09A", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "08729226-19DB-410A-A764-B84E5213839D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B5B465BD-D425-44C7-931C-E6DAABB79B67", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "CC372090-E9D1-4CB7-8CDC-8FA439764359", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "28C49CB8-179A-47B7-9B04-FC214382B643", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "70C73C18-EC1D-431A-808F-1C16706B7F26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "896E8488-0AB0-4C39-9729-1E42F4C28419", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "838474F2-85A2-4315-8F0C-B1AAC9B20373", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E525612D-8273-42FD-8DAD-D589ED61C9D6", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "130361E8-6979-492F-89A3-4EFFF8F5379F", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "557BB258-1B9D-457F-9573-85439950C361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC98A393-C374-4411-94FE-9832CD8690ED", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "C951AC92-DD7E-4C24-BC38-1D041D81691C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "C4C96D63-0711-48F8-ADE2-261FCF306049", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "F85BC978-9C30-4484-B6D7-B7A4543EFDA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FA5DA457-347E-4B6B-8003-882BD4D95D64", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B07B2FDF-E6A5-4E06-9328-01F311E85AF9", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "84F1472B-A584-4712-BEF7-7B4BDE166CE2", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*", matchCriteriaId: "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7DB4915-E989-4085-B201-C5CCC86AB924", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*", matchCriteriaId: "E21F9909-8D80-40BE-81E0-6ED7FE140A3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B280EE0D-F3F9-46E3-949F-109844428C35", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*", matchCriteriaId: "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E86AC831-9FB9-4D17-AA06-E68C176F1A23", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*", matchCriteriaId: "9B0933EB-82BE-42BB-978B-C9EC2FE1C795", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A27B28F-A037-4730-A0DD-96BB568F4A58", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*", matchCriteriaId: "82494B5E-80EE-47ED-B87E-CF8C8907B6FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D48EE1B0-3010-44F2-AEF9-A3E35BD03971", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*", matchCriteriaId: "391AD485-A49D-43D0-AAE5-1F58B38D4E22", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected application contains a hidden configuration item to enable debug functionality. This could allow an attacker to gain insight into the internal configuration of the deployment.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (Todas las versiones < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (Todas las versiones < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (Todas las versiones < V1.1), SIMATIC RF166C (6GT2002-0EE20) (Todas las versiones < V2.2), SIMATIC RF185C (6GT2002-0JE10) (Todas las versiones < V2.2), SIMATIC RF186C (6GT2002-0JE20) (Todas las versiones < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (Todas las versiones < V2.2), SIMATIC RF188C (6GT2002-0JE40) (Todas las versiones < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (Todas las versiones < V2.2), SIMATIC RF360R (6GT2801-5BA30) (Todas las versiones < V2.2). La aplicación afectada contiene un elemento de configuración oculto para habilitar la funcionalidad de depuración. Esto podría permitir que un atacante obtenga información sobre la configuración interna de la implementación.", }, ], id: "CVE-2024-37994", lastModified: "2024-09-18T15:35:17.403", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "LOW", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "NONE", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "LOW", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "productcert@siemens.com", type: "Secondary", }, ], }, published: "2024-09-10T10:15:11.340", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-765405.html", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-912", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-09-06 21:29
Modified
2024-11-21 04:08
Severity ?
Summary
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "686948B0-67CE-46FB-87DF-D4A796614CF8", versionEndIncluding: "4.18", versionStartIncluding: "3.9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", matchCriteriaId: "AF83BB87-B203-48F9-9D06-48A5FE399050", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*", matchCriteriaId: "16E6D998-B41D-4B49-9E00-8336D2E40A4A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "98381E61-F082-4302-B51F-5648884F998B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D99A687E-EAE6-417E-A88E-D0082BC194CD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*", matchCriteriaId: "6C81647C-9A53-481D-A54C-36770A093F90", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "A8442C20-41F9-47FD-9A12-E724D3A31FD7", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", matchCriteriaId: "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*", matchCriteriaId: "13E02156-E748-4820-B76F-7074793837E1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "6755B6AD-0422-467B-8115-34A60B1D1A40", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D5F7E11E-FB34-4467-8919-2B6BEAABF665", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", matchCriteriaId: "21540673-614A-4D40-8BD7-3F07723803B0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", matchCriteriaId: "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", matchCriteriaId: "AEE2E768-0F45-46E1-B6D7-087917109D98", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", matchCriteriaId: "83B14968-3985-43C3-ACE5-8307196EFAE3", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", matchCriteriaId: "7CB85C75-4D35-480E-843D-60579EC75FCB", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", matchCriteriaId: "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", matchCriteriaId: "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", matchCriteriaId: "C6CE5198-C498-4672-AF4C-77AB4BE06C5C", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", matchCriteriaId: "5F422A8C-2C4E-42C8-B420-E0728037E15C", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", matchCriteriaId: "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:itanium:*:*", matchCriteriaId: "1BC405FE-D553-4F6E-A524-E0535B21BEBB", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", matchCriteriaId: "A7DF96F8-BA6A-4780-9CA3-F719B3F81074", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", matchCriteriaId: "DB18C4CE-5917-401E-ACF7-2747084FD36E", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", matchCriteriaId: "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*", matchCriteriaId: "5B454BFE-D3AB-4CDC-B79B-F60EA3F57DBA", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", matchCriteriaId: "CAACE735-003E-4ACB-A82E-C0CF97D7F013", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "627558CA-2606-4497-A232-0522D1CC8239", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "9264B296-3445-4B9F-927D-7865BF3D8AF6", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "1F7CF1E3-B1DA-4920-A37B-522CBA915535", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "58C8E163-2A45-4C64-A7C2-5686C1EB3C78", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "471EEDFE-F399-4DA4-A229-F35570514346", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "72900780-80F2-470C-AED6-92736CC5EFC7", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "7FE43D60-C369-4806-B10A-97B02D715DFD", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4EDF69DE-310C-4C01-AA98-5EFB76C4E639", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E17D443D-9E5D-4F41-A539-6D7842B21E25", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3EB7CEBE-7EB5-48BD-89F5-DE3B20C0946A", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "D76F8CD6-1E23-4CB1-BE04-2F74E660120F", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "6925A921-F946-4746-AE60-18919E44DAE2", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "59C1988C-A886-4040-A640-81C8E6732813", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "0FA8C03D-3661-446D-B502-BEB52B7B6305", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "0239DD74-6914-4B1C-9DA4-8D8D799A9B58", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "86641EEE-52C4-4A09-9D0C-CC3254CFC256", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B4F65BFF-8F85-487E-850A-DFF8DA9D8F59", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "6E12292F-25C7-48CD-A96A-097779B73DEC", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "1503B2F8-3549-4E52-87E9-6F0FD91F1428", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D36C6B19-D8ED-4E32-AEA1-D045F3B922DC", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "A1D20BE1-7450-45AB-8A36-5AA1A84C3B54", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F3FFD367-E47B-4491-9364-1BA3FA481964", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "65A931C9-4301-49E2-B3C8-235862664E36", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B8BA9BE0-1646-41EF-BCE2-7BD4021196C5", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5AAA2418-D5A0-44D9-B4C7-D55553D374C1", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "068DD700-87D5-4979-A000-84A4D630F653", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "CB505ABB-7752-4590-9E8A-C5EAC190B349", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F46B8BF4-6DB9-48C1-8CB6-1FE0DE5B08C7", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "A7B34FC0-168E-4CA8-B1F4-BDC0D2213280", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F10D272B-F8F8-4D67-B562-3B2AC9F30E52", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "71BBF6B3-6F7E-468C-9723-4C13049259D0", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "F13E6EC1-5BC4-4A17-928A-667DA7A93EBD", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "C3F1C894-A475-457E-9AD9-934151E76200", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "678B7FC3-6796-4159-BF2B-8FAD49E0F566", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "DBCF9B1E-E4DF-46FE-BB85-E51657595936", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "98117B55-838B-47C5-84AE-8F84357F1BAE", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "670C542A-63F1-4FC2-B215-ADE94FCF3512", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "F104C6F4-47BB-416D-AB73-BBEA8A1BAE4B", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "A0E47FF6-A851-4588-9F39-B292D4147AE6", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "1A8809FF-F8DF-48E8-9885-CD0C2AD79024", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E0972BE5-3E14-4BB3-A635-C346FA49AA85", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "BBDBCC20-D7F8-4125-862F-E5596302DC90", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B7FFD156-606F-40DC-90D0-60B3DB5E3D90", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D960933D-9476-4473-A3FB-0032C051BE50", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3092DC8B-088E-45D2-BF0E-2E99C5395431", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "E1383A6A-60CF-4C10-9CFB-7B4FAEBEA3E6", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "29D81E70-82D9-4FE8-B0D0-214149C30CF0", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "6C126233-AEE0-4E51-A738-CB6D098C4478", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "44D33B41-F19D-4B46-9F9E-FC03051EBB0C", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "F1D72DB2-91EA-4DBB-A68F-DC5127930755", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "6065C3C1-1C16-48A5-B879-0F2A4B757D66", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4BB3A6AE-0CE4-4A5D-AFA6-6AC0AE49B616", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B330C1A9-F937-4DE5-B111-46970DA853C2", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "63529AEA-8B74-4CA1-BADF-14514D243DC5", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C4B00FFF-D49D-4C1C-9416-F6E95049945C", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "54E61F23-BDD2-4938-AE39-D95C03B471B6", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D7BBC3D4-9B4E-4185-B327-8902DDFD4234", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C497F2ED-D143-4207-BCDA-68C3DB856529", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "DE65180C-47C8-41CF-B6C7-181259605B2C", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "DD3A8B31-C29E-4F5C-A95E-DB3F88E83A6D", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "40B3C644-1703-4599-9021-F2C919B11AEC", versionEndExcluding: "11.6.5.1", versionStartIncluding: "11.5.1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "D518DD68-B336-43A8-883C-1CE7B9BB5B0F", versionEndExcluding: "12.1.5", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "ABF432A4-76B4-4D32-B864-60F30568CABF", versionEndExcluding: "13.1.3", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "54E703A5-F9F1-4DDA-8B70-D3C6F51038B6", versionEndExcluding: "14.0.1.1", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "BDB13A0E-C1C4-403C-9990-AB7729F9585D", versionEndExcluding: "14.1.2.4", versionStartIncluding: "14.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "755BF920-21B8-4D5C-AFF3-5566A0FF9FE4", versionEndExcluding: "6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*", matchCriteriaId: "284DF779-D900-48B4-A177-7281CD445AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6CB10E02-C5CA-42AC-AD48-72CE508CD627", versionEndExcluding: "2.13.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rox_ii:-:*:*:*:*:*:*:*", matchCriteriaId: "1EA04F52-40D0-4A4B-9767-265A26EFD98D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5E409347-918D-4C13-AC0D-B76867A78786", versionEndExcluding: "6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB9921A-5204-40A3-88AB-B7755F5C6875", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7DB470D9-102A-429B-81C2-F9C28ABB627F", versionEndExcluding: "6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", matchCriteriaId: "E917CBBB-EF41-4113-B0CA-EB91889235E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc-600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCBF7633-A3E7-4CEF-AC2A-085AF303FF27", versionEndExcluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc-600:-:*:*:*:*:*:*:*", matchCriteriaId: "725C671B-D7A0-48CF-8A31-5F9C4173F1DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w1700_ieee_802.11ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D0AF4337-C610-4E5B-9F6E-E0AE059E9D2E", versionEndExcluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w1700_ieee_802.11ac:-:*:*:*:*:*:*:*", matchCriteriaId: "55CA7B83-9295-451A-9B78-832761A6BA79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w700_ieee_802.11a\\/b\\/g\\/n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7C4A8F09-A7B9-4569-A3AE-F3572CBD9AA5", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w700_ieee_802.11a\\/b\\/g\\/n:-:*:*:*:*:*:*:*", matchCriteriaId: "DEAC9491-87D0-480B-B49A-4EC5D2A2C802", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1242-7_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "58AACBFB-F828-4A17-816E-0BCA406B063D", versionEndExcluding: "3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1242-7:-:*:*:*:*:*:*:*", matchCriteriaId: "122D4621-9DBD-4BB7-8CEF-2E9F69E6F8DA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1243-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3FB9F6B9-7A43-4669-AEB8-30644609C5D9", versionEndExcluding: "3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1243-1:-:*:*:*:*:*:*:*", matchCriteriaId: "65278BA0-3C81-4D81-9801-D7BE3A1D7680", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6E5B6CE8-F314-43C4-A01A-79DA4C71A34F", versionEndExcluding: "3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1243-7_lte_eu:-:*:*:*:*:*:*:*", matchCriteriaId: "555FAB7F-8D8C-46E8-91E2-83AA93A41940", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1243-7_lte_us_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9C1A675-67F8-4A1C-A67F-E081AC647A55", versionEndExcluding: "3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1243-7_lte_us:-:*:*:*:*:*:*:*", matchCriteriaId: "F5179046-6D98-46A2-BDB8-2D5EF3C6D46F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "251E49C6-735C-492F-BD26-6994A6BB40BD", versionEndExcluding: "3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1243-8_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "350FD323-C876-4C7A-A2E7-4B0660C87F6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47EDF46E-8273-478A-A1F4-3CE781CB5E24", versionEndExcluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1542sp-1:-:*:*:*:*:*:*:*", matchCriteriaId: "0602DEEA-AE39-4A44-9D78-6623943DDCD6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "52ED214A-EA23-43A7-B7F8-F0017B1063F8", versionEndExcluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1542sp-1_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "C1EE2F10-A7A6-486F-AE5C-53AE25BAF200", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "951CDCA7-73BD-4494-9ED9-FD741A01DF93", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1543-1:-:*:*:*:*:*:*:*", matchCriteriaId: "F56C2BDC-928E-491A-8E7C-F976B3787C7A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2D103B7-B693-4E35-AF55-9238B6A16E77", versionEndExcluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1543sp-1:-:*:*:*:*:*:*:*", matchCriteriaId: "783B50B8-2FB7-4982-88AA-B4F2AD094796", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31BF3B2C-98D9-455F-BCB4-EEAC7EE84C9A", versionEndExcluding: "1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*", matchCriteriaId: "82494B5E-80EE-47ED-B87E-CF8C8907B6FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63E0D36E-1DF9-4DB8-B563-EF77D947FA9E", versionEndExcluding: "1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*", matchCriteriaId: "9B0933EB-82BE-42BB-978B-C9EC2FE1C795", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E39C5C7A-543C-4271-80EF-C728FFFA50D2", versionEndExcluding: "1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*", matchCriteriaId: "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34F52786-B328-4066-8F3C-457358E42989", versionEndExcluding: "1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188:-:*:*:*:*:*:*:*", matchCriteriaId: "91E776EC-16DD-404D-A8AA-2344BA306E3C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "361C68A1-6FDE-47EB-84C5-31AB100E8F30", versionEndExcluding: "1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*", matchCriteriaId: "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinema_remote_connect_server_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "284428BD-FF75-4D48-9137-2D64B46B6ED4", versionEndExcluding: "2.0.1", versionStartIncluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinema_remote_connect_server:-:*:*:*:*:*:*:*", matchCriteriaId: "50360459-773D-4B1C-B28D-02A01BE5A0EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.", }, { lang: "es", value: "El kernel de Linux en versiones a partir de la 3.9 es vulnerable a un ataque de denegación de servicio (DoS) con tasas bajas de paquetes especialmente modificados que apuntan hacia el reensamblado de fragmentos de IP. Un atacante podría provocar una condición de denegación de servicio (DoS) mediante el envío de fragmentos de IP especialmente manipulados. Se han descubierto varias vulnerabilidades en la fragmentación de IP, que se han ido solucionando a lo largo de los años. La vulnerabilidad actual (CVE-2018-5391) se volvió explotable en el kernel de Linux con el aumento del tamaño de la cola de reensamblado de fragmentos de IP.", }, ], id: "CVE-2018-5391", lastModified: "2024-11-21T04:08:43.897", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-09-06T21:29:00.363", references: [ { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt", }, { source: "cret@cert.org", tags: [ "Broken Link", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en", }, { source: "cret@cert.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/06/28/2", }, { source: "cret@cert.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/07/06/3", }, { source: "cret@cert.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/07/06/4", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105108", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041476", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041637", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2785", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2791", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2846", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2924", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2925", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2933", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3083", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3096", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3459", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3540", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3586", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3590", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf", }, { source: "cret@cert.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f", }, { source: "cret@cert.org", tags: [ "Mailing List", "Mitigation", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html", }, { source: "cret@cert.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20181003-0002/", }, { source: "cret@cert.org", url: "https://support.f5.com/csp/article/K74374841?utm_source=f5support&%3Butm_medium=RSS", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3740-1/", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3740-2/", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3741-1/", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3741-2/", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3742-1/", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3742-2/", }, { source: "cret@cert.org", tags: [ "Mitigation", "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4272", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/641765", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/06/28/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/07/06/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/07/06/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/105108", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041476", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041637", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2785", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2791", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2846", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2924", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2925", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2933", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3083", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3096", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3540", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3586", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:3590", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Mitigation", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20181003-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.f5.com/csp/article/K74374841?utm_source=f5support&%3Butm_medium=RSS", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3740-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3740-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3741-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3741-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3742-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3742-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4272", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/641765", }, ], sourceIdentifier: "cret@cert.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "cret@cert.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-18 15:37
Severity ?
2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected application improperly handles error while a faulty certificate upload leading to crashing of application. This vulnerability could allow an attacker to disclose sensitive information.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-765405.html | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8930F2B-7C37-4059-85FC-0316B631C860", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*", matchCriteriaId: "63F05227-208B-42C8-8D56-A5D106CAD32F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CC216594-D56B-454D-BD2C-50631B8C8F9C", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*", matchCriteriaId: "DD8AD128-F6E2-45BD-9098-EC559D193194", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "11F4F714-F802-4D13-A965-0A22B80DA9D0", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*", matchCriteriaId: "1EA20BB5-024E-4389-A0FE-C218E15D31A8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F61801B9-80FD-45EC-9A20-5C703CB8BE76", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "76F5073F-CAE9-4071-9C86-2B29FB529A49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "058EDB3A-31B8-482F-B825-B0A7E192356E", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "D00C8A81-53EB-425F-A730-AC7505285B73", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "62FC4D21-B225-4349-A8E8-68780CC465D1", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "B3C8FC67-825D-4E55-8341-E449EA98B6AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E84B475-1FB7-4BF1-880B-8DB5137BB941", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "BFAA7370-1B78-4AF8-8358-830460A5E81C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "970B3705-6172-4C00-B402-30A7F23C5A08", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "40D5F6C3-3AC5-40F2-B755-130E24169AB3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7D261FBC-1E4C-4016-AD0E-F234EE36F09A", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "08729226-19DB-410A-A764-B84E5213839D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B5B465BD-D425-44C7-931C-E6DAABB79B67", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "CC372090-E9D1-4CB7-8CDC-8FA439764359", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "28C49CB8-179A-47B7-9B04-FC214382B643", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "70C73C18-EC1D-431A-808F-1C16706B7F26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "896E8488-0AB0-4C39-9729-1E42F4C28419", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "838474F2-85A2-4315-8F0C-B1AAC9B20373", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E525612D-8273-42FD-8DAD-D589ED61C9D6", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "130361E8-6979-492F-89A3-4EFFF8F5379F", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "557BB258-1B9D-457F-9573-85439950C361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC98A393-C374-4411-94FE-9832CD8690ED", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "C951AC92-DD7E-4C24-BC38-1D041D81691C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "C4C96D63-0711-48F8-ADE2-261FCF306049", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "F85BC978-9C30-4484-B6D7-B7A4543EFDA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FA5DA457-347E-4B6B-8003-882BD4D95D64", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B07B2FDF-E6A5-4E06-9328-01F311E85AF9", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "84F1472B-A584-4712-BEF7-7B4BDE166CE2", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*", matchCriteriaId: "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7DB4915-E989-4085-B201-C5CCC86AB924", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*", matchCriteriaId: "E21F9909-8D80-40BE-81E0-6ED7FE140A3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B280EE0D-F3F9-46E3-949F-109844428C35", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*", matchCriteriaId: "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E86AC831-9FB9-4D17-AA06-E68C176F1A23", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*", matchCriteriaId: "9B0933EB-82BE-42BB-978B-C9EC2FE1C795", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A27B28F-A037-4730-A0DD-96BB568F4A58", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*", matchCriteriaId: "82494B5E-80EE-47ED-B87E-CF8C8907B6FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D48EE1B0-3010-44F2-AEF9-A3E35BD03971", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*", matchCriteriaId: "391AD485-A49D-43D0-AAE5-1F58B38D4E22", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected application improperly handles error while a faulty certificate upload leading to crashing of application. This vulnerability could allow an attacker to disclose sensitive information.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (Todas las versiones < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (Todas las versiones < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (Todas las versiones < V1.1), SIMATIC RF166C (6GT2002-0EE20) (Todas las versiones < V2.2), SIMATIC RF185C (6GT2002-0JE10) (Todas las versiones < V2.2), SIMATIC RF186C (6GT2002-0JE20) (Todas las versiones < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (Todas las versiones < V2.2), SIMATIC RF188C (6GT2002-0JE40) (Todas las versiones < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (Todas las versiones < V2.2), SIMATIC RF360R (6GT2801-5BA30) (Todas las versiones < V2.2). La aplicación afectada maneja incorrectamente el error durante la carga de un certificado defectuoso, lo que provoca el bloqueo de la aplicación. Esta vulnerabilidad podría permitir a un atacante revelar información confidencial.", }, ], id: "CVE-2024-37995", lastModified: "2024-09-18T15:37:15.130", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 2.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 1.4, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "PRESENT", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 2.1, baseSeverity: "LOW", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "HIGH", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "LOW", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "NONE", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "productcert@siemens.com", type: "Secondary", }, ], }, published: "2024-09-10T10:15:11.570", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-765405.html", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-703", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-04-17 14:29
Modified
2024-11-21 04:46
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The webserver of the affected devices contains a vulnerability that may lead to
a denial of service condition. An attacker may cause a denial of service
situation which leads to a restart of the webserver of the affected device.
The security vulnerability could be exploited by an attacker with network
access to the affected systems. Successful exploitation requires no system
privileges and no user interaction. An attacker could use the vulnerability
to compromise availability of the device.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:cp1604_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E737620D-9D00-4151-B232-7DFB7FD768B3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:cp1604:-:*:*:*:*:*:*:*", matchCriteriaId: "6222006F-09D7-49F7-B8C7-4D94298A8F6A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:cp1616_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "65FE6F54-1457-4EB6-9273-1D93B3B97386", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:cp1616:-:*:*:*:*:*:*:*", matchCriteriaId: "184365A2-BAD2-4926-ACEE-F71E018D3CE5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "69EE2BF6-3846-478F-9AC6-BEF34617F3B5", versionEndExcluding: "1.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*", matchCriteriaId: "82494B5E-80EE-47ED-B87E-CF8C8907B6FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp343-1_advanced_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E6601B8-E032-4B39-BF65-F25CF047EB99", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp343-1_advanced:-:*:*:*:*:*:*:*", matchCriteriaId: "ACCC0229-E454-4BEF-931A-3CD820500822", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp443-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2035A020-F41E-4FC7-A290-9923574D4921", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp443-1:-:*:*:*:*:*:*:*", matchCriteriaId: "EB8636E9-A3DA-4DDC-A3FC-B3EAAD07952E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp443-1_advanced_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1AD15638-8B84-4DA2-9DDC-9A1CA3548E91", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp443-1_advanced:-:*:*:*:*:*:*:*", matchCriteriaId: "BFE94F56-71DB-4837-9818-6827C80DE2BC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D1873751-81F4-4732-B30F-9F2DEECBC110", versionEndExcluding: "2.1.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc:-:*:*:*:*:*:*:*", matchCriteriaId: "C9A5678E-9EAA-441A-AC77-94F824D64AEE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F36AC571-C958-4CB8-91D9-5417C1812C02", versionEndExcluding: "2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2:-:*:*:*:*:*:*:*", matchCriteriaId: "00361A3C-60E9-4365-BB51-09D7792C441D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7299F88D-8885-4871-93E1-CBEFD3156B15", versionEndExcluding: "15.1", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:-:*:*:*:*:*:*", matchCriteriaId: "F18EA7BD-47D0-4367-8F18-C89239B201E3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*", matchCriteriaId: "F4830E0D-0128-4E5B-AB81-2B238471AE4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "865FD012-F390-4BB8-B14F-533840B95512", versionEndExcluding: "15.1", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:15.1:-:*:*:*:*:*:*", matchCriteriaId: "5418D916-49A6-4B79-A653-E2C5221DEBE8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*", matchCriteriaId: "3BCFE761-35C9-43EF-85BC-E8083B9F75CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A8EC6926-258F-4F5C-88D2-33FE363340DB", versionEndExcluding: "15.1", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*", matchCriteriaId: "97E283EF-A950-40E7-91C7-839203A333A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*", matchCriteriaId: "F106DEE3-4DED-46E4-9661-9D9C7B729BC0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2D9CF819-E06C-4EAA-85B3-AC40E039D485", versionEndExcluding: "15.1", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*", matchCriteriaId: "4AF727E5-7849-4980-8AA5-7469FD52DF86", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*", matchCriteriaId: "D175BC55-2EAA-4D4A-9E05-2FBB228160F1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B28FB484-526A-437E-80E3-B62F54F1BEF6", versionEndExcluding: "15.1", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*", matchCriteriaId: "61DFC57F-0359-4B4A-A13C-067B21D3DA7B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*", matchCriteriaId: "5C39166C-38CA-426F-9702-B9CA5ED6630C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "66FC2264-7DDD-4BEF-9795-AC6A5A00886B", versionEndExcluding: "15.1", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*", matchCriteriaId: "D68363A9-D1D5-4E49-98D1-E5F8C324BC22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*", matchCriteriaId: "D29338CD-57BD-4734-9204-118EA53D42FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8E4F0084-91A5-4D7E-971B-9DB979849594", versionEndExcluding: "15.1", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*", matchCriteriaId: "36EEF9EB-91EF-4697-A963-7C8F955778EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*", matchCriteriaId: "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_cp443-1_opc_ua:*:*:*:*:*:*:*:*", matchCriteriaId: "56396833-12BF-4AE5-8D3E-695652A99DBF", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_ipc_diagmonitor:*:*:*:*:*:*:*:*", matchCriteriaId: "6FD49A39-47D7-473C-9E46-6D9246BC6D04", versionEndExcluding: "5.1.3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_s7-1500_software_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "11C0A94D-5506-4A75-99E1-CA9769AF057C", versionEndExcluding: "2.7", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:*:*:*:*:*:*:*:*", matchCriteriaId: "8B66A2A4-5062-45F8-A615-2DA716650909", versionEndExcluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:2.0:-:*:*:*:*:*:*", matchCriteriaId: "AED3A3AF-EF77-4E58-91AD-BBE01E1DA4A6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:2.0:sp1:*:*:*:*:*:*", matchCriteriaId: "23039930-E45C-4B0E-883A-E2F9A7502984", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*", matchCriteriaId: "06364800-4C54-4BE4-B4AA-0CF29E4E82AA", versionEndExcluding: "15.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*", matchCriteriaId: "4FBDFA7B-504A-4F58-967F-15CAFCEB5594", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*", matchCriteriaId: "4D184A8F-963A-4730-AED4-1994EEA91702", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*", matchCriteriaId: "16DAC92E-141C-4923-96F5-2620F60E763A", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*", matchCriteriaId: "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sitop_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2662688E-6975-46C7-939B-25FF4790518D", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf600r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "16CBED3D-892A-4EC0-BE2E-358040C34304", versionEndExcluding: "3.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf600r:-:*:*:*:*:*:*:*", matchCriteriaId: "EFA55275-691D-4269-93E4-C559C89E3FA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "25F96DAA-696D-4EB4-97DF-986C7681700B", versionEndExcluding: "1.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*", matchCriteriaId: "E21F9909-8D80-40BE-81E0-6ED7FE140A3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CF8FFD1C-8E33-48E9-A884-B80311F8BA4C", versionEndExcluding: "1.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*", matchCriteriaId: "9B0933EB-82BE-42BB-978B-C9EC2FE1C795", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf182c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0FC4F972-3A3B-421C-8D62-9C5C4D1992CF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf182c:-:*:*:*:*:*:*:*", matchCriteriaId: "7540DAD9-2AAC-46A9-B1C5-BB1AC4FCE710", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf181-eip_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFA94867-4367-4186-8A4B-44C3CBCCEF7F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf181-eip:-:*:*:*:*:*:*:*", matchCriteriaId: "E10A0D57-8805-44DB-95E3-1B240ED5ED09", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2AE766CD-695B-4A12-8BC5-3743D8E3D73E", versionEndExcluding: "2.6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*", matchCriteriaId: "30DDEA9B-E1BF-4572-8E12-D13C54603E77", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9461CADE-1624-4D1B-8CF2-CF65F75071C0", versionEndExcluding: "3.3.17", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300:-:*:*:*:*:*:*:*", matchCriteriaId: "7EFD4E99-5C66-443F-8B6F-FA01C895DE78", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-400_pn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A2219FE-2C3F-4948-85D6-3C53AC08722B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-400_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "795D0FF9-1D0B-4C74-BEF3-58EAE74DFA0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-400_pn\\/dp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BC917346-94F6-44FD-AC00-AED0CF3CBBD1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-400_pn\\/dp:-:*:*:*:*:*:*:*", matchCriteriaId: "F60D816D-85A5-4971-AF2D-666AE0B74E9E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_advanced_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C8E76BDE-C7E9-4D6B-B5D9-A456516CD016", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_advanced:-:*:*:*:*:*:*:*", matchCriteriaId: "71DA3D1A-E435-418F-9A13-945B4BA15FC7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_basic_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "80D166A8-1EEC-42F4-8EAB-1747247A7A05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_basic:-:*:*:*:*:*:*:*", matchCriteriaId: "FFA520B6-5177-43E4-87C0-C215F79FE9B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_standard_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C887573-8BE8-42CF-B35A-22F9311AC627", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_standard:-:*:*:*:*:*:*:*", matchCriteriaId: "3A5A3F7E-D039-430F-89B0-6AB4FD2428D4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_winac_rtx_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "80BDBB38-20D2-48C3-8B58-62C2D8CC00B8", versionEndExcluding: "2010", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_winac_rtx_firmware:2010:-:*:*:*:*:*:*", matchCriteriaId: "EA59D713-F342-4CDA-BDC8-108352D385DA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_winac_rtx:-:*:*:*:*:*:*:*", matchCriteriaId: "CA5ADAB0-3985-4933-8CDD-D1546D8271CC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simocode_pro_v_eip_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8A001968-C7FD-4C11-8439-11532B234CC2", versionEndExcluding: "1.1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simocode_pro_v_eip:-:*:*:*:*:*:*:*", matchCriteriaId: "50BDA360-0D33-42DC-ADB9-2F69503C2CD8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simocode_pro_v_pn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "15CB26DA-7CA0-4BD6-A219-01F6E8A6F03F", versionEndExcluding: "2.1.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simocode_pro_v_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "1779AE78-AC90-48BE-8FF2-CC11E7CA3CB4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_g130_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "856768D2-C096-4CA7-B26F-E94B005C0D79", versionEndExcluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_g130:-:*:*:*:*:*:*:*", matchCriteriaId: "373DBE44-AC28-4D04-93BB-35CD8C60E899", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_g150_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C579C2C7-0402-46B2-A770-C3B7F71D1096", versionEndExcluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_g150:-:*:*:*:*:*:*:*", matchCriteriaId: "2296CA65-0E89-4BCB-8003-E7212BF1F585", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_s120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "03F9CBC3-B2B3-4FA7-963D-A8F3AE6D8EA0", versionEndExcluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*", matchCriteriaId: "E5A824BD-935F-4E53-8313-C5544B0489C7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_s150_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "126AC93E-A39F-4754-9707-207C9F2F64F4", versionEndExcluding: "5.1", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_s150_firmware:5.1:-:*:*:*:*:*:*", matchCriteriaId: "3E8BCCED-BDC6-4785-8705-799836E5024E", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_s150_firmware:5.1:sp1:*:*:*:*:*:*", matchCriteriaId: "098262CC-4D3B-4E55-83C3-2816403C553B", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_s150_firmware:5.1:sp1_hotfix2:*:*:*:*:*:*", matchCriteriaId: "6092F899-9A89-4FA4-BD80-97511DF7CF8F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_s150:-:*:*:*:*:*:*:*", matchCriteriaId: "0D48682C-A39D-4A09-B904-50FA64A9D2A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_s210_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B7269713-6505-41DF-B85B-F729E24A3F5B", versionEndExcluding: "5.1", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:-:*:*:*:*:*:*", matchCriteriaId: "BEBF14B3-65A0-41E9-B99C-D88548F307CD", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:sp1:*:*:*:*:*:*", matchCriteriaId: "F151297C-3097-483F-98B5-0261BD547421", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_s210:-:*:*:*:*:*:*:*", matchCriteriaId: "7BFA8FB3-12A9-4D2E-BCFD-C66313521C80", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sitop_psu8600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F389808-001E-4650-86B2-00A72D25BCD0", versionEndExcluding: "1.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sitop_psu8600:-:*:*:*:*:*:*:*", matchCriteriaId: "55058209-8AE5-42AF-80D4-5A7A44307266", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sitop_ups1600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BD39CC96-ABE3-4854-A102-36AFE1F6CB14", versionEndExcluding: "2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sitop_ups1600:-:*:*:*:*:*:*:*", matchCriteriaId: "6FC1A64E-6A27-4F91-8A13-829E0F7D8E80", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B023E75A-B76D-4FD8-9660-1F233092160F", versionEndExcluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "C1D94BEB-BBFB-4258-9835-87DBBB999239", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1500f_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F9C47A4A-BE81-499A-AB36-491661B88693", versionEndExcluding: "2.6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1500f:-:*:*:*:*:*:*:*", matchCriteriaId: "A255BC06-2776-4111-A525-76B17371B295", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1500s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "66A446D2-39ED-4635-AAA0-85D977F600FE", versionEndExcluding: "2.6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1500s:-:*:*:*:*:*:*:*", matchCriteriaId: "C1752A2A-0034-4E00-AAC6-FA15345D7A41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1500t_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5238622A-BCAD-4A06-9920-49BECFDDC2A6", versionEndExcluding: "2.6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1500t:-:*:*:*:*:*:*:*", matchCriteriaId: "741B2C38-174C-49DF-98D8-F7D6F49D1CE5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6E231DE7-8B8D-41A3-A163-CE8EF50AF9D0", versionEndExcluding: "4.8", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_gh150_firmware:4.8:-:*:*:*:*:*:*", matchCriteriaId: "6D076504-AFE3-4C51-80E5-C5992CA7D511", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*", matchCriteriaId: "BF977545-395A-4C34-BB22-A1047B5B6E85", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3653DA37-DB23-41E0-8CE8-838E384AA40A", versionEndExcluding: "4.8", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_gl150_firmware:4.8:-:*:*:*:*:*:*", matchCriteriaId: "0F86A334-10F9-4DFB-A421-CBCAFD86C8C2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*", matchCriteriaId: "DED7F33B-D475-4232-8683-48554A6729F7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0E25804D-D943-4C2A-9C78-AAC61F7BA4FF", versionEndExcluding: "4.8", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_gm150_firmware:4.8:-:*:*:*:*:*:*", matchCriteriaId: "06B69CD4-3AEC-4014-81DB-33805A44A5D3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*", matchCriteriaId: "DD76CFB0-B5D7-40DC-8D14-FC9C9BACF3CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FD67D30A-8681-41AE-B248-7E50BA1B9FC8", versionEndExcluding: "4.8", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_sl150_firmware:4.8:-:*:*:*:*:*:*", matchCriteriaId: "FCC0EE8B-1088-46B6-992A-B8E12A7B7DC2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*", matchCriteriaId: "C6619B0F-7CDC-40A6-89B2-C6067AF45214", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31393A1B-4DBC-476D-875E-463B4B887E1B", versionEndExcluding: "4.8", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_sm120_firmware:4.8:-:*:*:*:*:*:*", matchCriteriaId: "0206F9F2-27C7-4D2F-817B-13F8FA31E547", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*", matchCriteriaId: "444DD77F-DB65-4766-A89D-7A679B4CA1E1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC70D596-AA1E-4196-87B0-BECEE6568AA7", versionEndExcluding: "5.1", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_sm150_firmware:5.1:-:*:*:*:*:*:*", matchCriteriaId: "1E81CDB5-122F-48D1-B9F1-4C401D46D978", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*", matchCriteriaId: "2AE231E2-2B2B-407A-BF7A-9EA35F394229", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The webserver of the affected devices contains a vulnerability that may lead to\r\na denial of service condition. An attacker may cause a denial of service\r\nsituation which leads to a restart of the webserver of the affected device.\r\n\r\nThe security vulnerability could be exploited by an attacker with network\r\naccess to the affected systems. Successful exploitation requires no system\r\nprivileges and no user interaction. An attacker could use the vulnerability\r\nto compromise availability of the device.", }, { lang: "es", value: "SIPLUS), paneles exteriores SIMATIC HMI Comfort de 7\" y 15\" (incl. variantes SIPLUS), paneles SIMATIC HMI Comfort de 4\" - 22\" (incl. variantes SIPLUS), paneles SIMATIC ET 200SP Open Controller CPU 1515SP PC SIPLUS), paneles móviles SIMATIC HMI KTP KTP400F, KTP700, KTP700F, KTP900 y KTP900F, SIMATIC IPC DiagMonitor, SIMATIC RF182C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF188C, familia SIMATIC RF600R, familia de CPUs SIMATIC S7-1500 (incl. CPUs ET200 y variantes SIPLUS), controlador de software SIMATIC S7-1500, familia de CPUs SIMATIC S7-300 (incluidas las CPUs ET200 y variantes SIPLUS), familia de CPUs SIMATIC S7-400 PN/DP V6 e inferiores (incluidas las variantes SIPLUS), familia de CPUs SIMATIC S7-400 PN/DP V7 (incluidas las variantes SIPLUS) SIPLUS), SIMATIC S7-PLCSIM Advanced, SIMATIC Teleservice Adapter IE Advanced, SIMATIC Teleservice Adapter IE Basic, SIMATIC Teleservice Adapter IE Standard, SIMATIC WinAC RTX (F) 2010, SIMATIC WinCC Runtime Advanced, SIMOCODE pro V EIP (incl. SIPLUS), SIMOCODE pro V PN (incl. variantes SIPLUS), SINAMICS G130 V4.6 Control Unit, SINAMICS G130 V4.7 Control Unit, SINAMICS G130 V4.7 SP1 Control Unit, SINAMICS G130 V4.8 Control Unit, SINAMICS G130 V5.1 Control Unit, SINAMICS G130 V5. 1 SP1 Unidad de control, SINAMICS G150 V4.6 Unidad de control, SINAMICS G150 V4.7 Unidad de control, SINAMICS G150 V4.7 SP1 Unidad de control, SINAMICS G150 V4.8 Unidad de control, SINAMICS G150 V5. 1 Unidad de control, SINAMICS G150 V5.1 SP1 Unidad de control, SINAMICS GH150 V4.7 (Unidad de control), SINAMICS GH150 V4.8 (Unidad de control), SINAMICS GL150 V4.7 (Unidad de control), SINAMICS GL150 V4. 8 (Unidad de control), SINAMICS GM150 V4.7 (Unidad de control), SINAMICS GM150 V4.8 (Unidad de control), SINAMICS S120 V4.6 Unidad de control (incl. variantes SIPLUS), SINAMICS S120 V4.7 Unidad de control (incl. variantes SIPLUS) SIPLUS), SINAMICS S120 V4.7 SP1 (incl. variantes SIPLUS), SINAMICS S120 V4.8 (incl. variantes SIPLUS), SINAMICS S120 V5.1 (incl. variantes SIPLUS) SIPLUS), SINAMICS S120 V5.1 SP1 Unidad de Control (incl. variantes SIPLUS), SINAMICS S150 V4.6 Unidad de Control, SINAMICS S150 V4.7 Unidad de Control, SINAMICS S150 V4.7 SP1 Unidad de Control, SINAMICS S150 V4. 8 Unidad de control, SINAMICS S150 V5.1 Unidad de control, SINAMICS S150 V5.1 SP1 Unidad de control, SINAMICS S210 V5.1 Unidad de control, SINAMICS S210 V5.1 SP1 Unidad de control, SINAMICS SL150 V4. 7 (Unidad de Control), SINAMICS SL150 V4.8 (Unidad de Control), SINAMICS SM120 V4.7 (Unidad de Control), SINAMICS SM120 V4.8 (Unidad de Control), SINAMICS SM150 V4. 8 (unidad de control), SIPLUS NET CP 343-1 Advanced, SIPLUS NET CP 443-1, SIPLUS NET CP 443-1 Advanced, SITOP Manager, SITOP PSU8600, SITOP UPS1600 (incl. variantes SIPLUS), TIM 1531 IRC (incl. variantes SIPLUS NET). El servidor web de los dispositivos afectados contiene una vulnerabilidad que puede conducir a una condición de denegación de servicio. Un atacante puede provocar una situación de denegación de servicio que lleve a reiniciar el servidor web del dispositivo afectado. La vulnerabilidad de seguridad podría ser explotada por un atacante con acceso a la red de los sistemas afectados. La explotación exitosa no requiere privilegios del sistema ni interacción del usuario. Un atacante podría utilizar la vulnerabilidad para comprometer la disponibilidad del dispositivo", }, ], id: "CVE-2019-6568", lastModified: "2024-11-21T04:46:42.773", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Secondary", }, ], }, published: "2019-04-17T14:29:03.683", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf", }, { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-18 15:32
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications do not authenticated the creation of Ajax2App instances. This could allow an unauthenticated attacker to cause a denial of service condition.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-765405.html | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8930F2B-7C37-4059-85FC-0316B631C860", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*", matchCriteriaId: "63F05227-208B-42C8-8D56-A5D106CAD32F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CC216594-D56B-454D-BD2C-50631B8C8F9C", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*", matchCriteriaId: "DD8AD128-F6E2-45BD-9098-EC559D193194", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "11F4F714-F802-4D13-A965-0A22B80DA9D0", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*", matchCriteriaId: "1EA20BB5-024E-4389-A0FE-C218E15D31A8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F61801B9-80FD-45EC-9A20-5C703CB8BE76", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "76F5073F-CAE9-4071-9C86-2B29FB529A49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "058EDB3A-31B8-482F-B825-B0A7E192356E", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "D00C8A81-53EB-425F-A730-AC7505285B73", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "62FC4D21-B225-4349-A8E8-68780CC465D1", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "B3C8FC67-825D-4E55-8341-E449EA98B6AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E84B475-1FB7-4BF1-880B-8DB5137BB941", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "BFAA7370-1B78-4AF8-8358-830460A5E81C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "970B3705-6172-4C00-B402-30A7F23C5A08", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "40D5F6C3-3AC5-40F2-B755-130E24169AB3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7D261FBC-1E4C-4016-AD0E-F234EE36F09A", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "08729226-19DB-410A-A764-B84E5213839D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B5B465BD-D425-44C7-931C-E6DAABB79B67", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "CC372090-E9D1-4CB7-8CDC-8FA439764359", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "28C49CB8-179A-47B7-9B04-FC214382B643", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "70C73C18-EC1D-431A-808F-1C16706B7F26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "896E8488-0AB0-4C39-9729-1E42F4C28419", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "838474F2-85A2-4315-8F0C-B1AAC9B20373", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E525612D-8273-42FD-8DAD-D589ED61C9D6", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "130361E8-6979-492F-89A3-4EFFF8F5379F", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "557BB258-1B9D-457F-9573-85439950C361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC98A393-C374-4411-94FE-9832CD8690ED", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "C951AC92-DD7E-4C24-BC38-1D041D81691C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "C4C96D63-0711-48F8-ADE2-261FCF306049", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "F85BC978-9C30-4484-B6D7-B7A4543EFDA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FA5DA457-347E-4B6B-8003-882BD4D95D64", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B07B2FDF-E6A5-4E06-9328-01F311E85AF9", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "84F1472B-A584-4712-BEF7-7B4BDE166CE2", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*", matchCriteriaId: "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7DB4915-E989-4085-B201-C5CCC86AB924", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*", matchCriteriaId: "E21F9909-8D80-40BE-81E0-6ED7FE140A3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B280EE0D-F3F9-46E3-949F-109844428C35", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*", matchCriteriaId: "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E86AC831-9FB9-4D17-AA06-E68C176F1A23", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*", matchCriteriaId: "9B0933EB-82BE-42BB-978B-C9EC2FE1C795", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A27B28F-A037-4730-A0DD-96BB568F4A58", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*", matchCriteriaId: "82494B5E-80EE-47ED-B87E-CF8C8907B6FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D48EE1B0-3010-44F2-AEF9-A3E35BD03971", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*", matchCriteriaId: "391AD485-A49D-43D0-AAE5-1F58B38D4E22", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications do not authenticated the creation of Ajax2App instances. This could allow an unauthenticated attacker to cause a denial of service condition.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (Todas las versiones < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (Todas las versiones < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (Todas las versiones < V1.1), SIMATIC RF166C (6GT2002-0EE20) (Todas las versiones < V2.2), SIMATIC RF185C (6GT2002-0JE10) (Todas las versiones < V2.2), SIMATIC RF186C (6GT2002-0JE20) (Todas las versiones < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (Todas las versiones < V2.2), SIMATIC RF188C (6GT2002-0JE40) (Todas las versiones < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (Todas las versiones < V2.2), SIMATIC RF360R (6GT2801-5BA30) (Todas las versiones < V2.2). Las aplicaciones afectadas no autentican la creación de instancias de Ajax2App. Esto podría permitir que un atacante no autenticado provoque una condición de denegación de servicio.", }, ], id: "CVE-2024-37993", lastModified: "2024-09-18T15:32:26.037", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 6.9, baseSeverity: "MEDIUM", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "NONE", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "LOW", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "NONE", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "productcert@siemens.com", type: "Secondary", }, ], }, published: "2024-09-10T10:15:11.090", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-765405.html", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-18 15:31
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected devices does not properly handle the error in case of exceeding characters while setting SNMP leading to the restart of the application.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-765405.html | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8930F2B-7C37-4059-85FC-0316B631C860", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*", matchCriteriaId: "63F05227-208B-42C8-8D56-A5D106CAD32F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CC216594-D56B-454D-BD2C-50631B8C8F9C", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*", matchCriteriaId: "DD8AD128-F6E2-45BD-9098-EC559D193194", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "11F4F714-F802-4D13-A965-0A22B80DA9D0", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*", matchCriteriaId: "1EA20BB5-024E-4389-A0FE-C218E15D31A8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F61801B9-80FD-45EC-9A20-5C703CB8BE76", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "76F5073F-CAE9-4071-9C86-2B29FB529A49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "058EDB3A-31B8-482F-B825-B0A7E192356E", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "D00C8A81-53EB-425F-A730-AC7505285B73", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "62FC4D21-B225-4349-A8E8-68780CC465D1", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "B3C8FC67-825D-4E55-8341-E449EA98B6AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E84B475-1FB7-4BF1-880B-8DB5137BB941", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "BFAA7370-1B78-4AF8-8358-830460A5E81C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "970B3705-6172-4C00-B402-30A7F23C5A08", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "40D5F6C3-3AC5-40F2-B755-130E24169AB3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7D261FBC-1E4C-4016-AD0E-F234EE36F09A", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "08729226-19DB-410A-A764-B84E5213839D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B5B465BD-D425-44C7-931C-E6DAABB79B67", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "CC372090-E9D1-4CB7-8CDC-8FA439764359", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "28C49CB8-179A-47B7-9B04-FC214382B643", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "70C73C18-EC1D-431A-808F-1C16706B7F26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "896E8488-0AB0-4C39-9729-1E42F4C28419", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "838474F2-85A2-4315-8F0C-B1AAC9B20373", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E525612D-8273-42FD-8DAD-D589ED61C9D6", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "130361E8-6979-492F-89A3-4EFFF8F5379F", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "557BB258-1B9D-457F-9573-85439950C361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC98A393-C374-4411-94FE-9832CD8690ED", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "C951AC92-DD7E-4C24-BC38-1D041D81691C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "C4C96D63-0711-48F8-ADE2-261FCF306049", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "F85BC978-9C30-4484-B6D7-B7A4543EFDA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FA5DA457-347E-4B6B-8003-882BD4D95D64", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B07B2FDF-E6A5-4E06-9328-01F311E85AF9", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "84F1472B-A584-4712-BEF7-7B4BDE166CE2", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*", matchCriteriaId: "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7DB4915-E989-4085-B201-C5CCC86AB924", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*", matchCriteriaId: "E21F9909-8D80-40BE-81E0-6ED7FE140A3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B280EE0D-F3F9-46E3-949F-109844428C35", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*", matchCriteriaId: "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E86AC831-9FB9-4D17-AA06-E68C176F1A23", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*", matchCriteriaId: "9B0933EB-82BE-42BB-978B-C9EC2FE1C795", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A27B28F-A037-4730-A0DD-96BB568F4A58", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*", matchCriteriaId: "82494B5E-80EE-47ED-B87E-CF8C8907B6FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D48EE1B0-3010-44F2-AEF9-A3E35BD03971", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*", matchCriteriaId: "391AD485-A49D-43D0-AAE5-1F58B38D4E22", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected devices does not properly handle the error in case of exceeding characters while setting SNMP leading to the restart of the application.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (Todas las versiones < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (Todas las versiones < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (Todas las versiones < V1.1), SIMATIC RF166C (6GT2002-0EE20) (Todas las versiones < V2.2), SIMATIC RF185C (6GT2002-0JE10) (Todas las versiones < V2.2), SIMATIC RF186C (6GT2002-0JE20) (Todas las versiones < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (Todas las versiones < V2.2), SIMATIC RF188C (6GT2002-0JE40) (Todas las versiones < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (Todas las versiones < V2.2), SIMATIC RF360R (6GT2801-5BA30) (Todas las versiones < V2.2). Los dispositivos afectados no gestionan correctamente el error en caso de exceso de caracteres al configurar SNMP, lo que provoca el reinicio de la aplicación.", }, ], id: "CVE-2024-37992", lastModified: "2024-09-18T15:31:27.597", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "PRESENT", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "HIGH", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "NONE", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "productcert@siemens.com", type: "Secondary", }, ], }, published: "2024-09-10T10:15:10.837", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-765405.html", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-703", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-18 15:29
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The service log files of the affected application can be accessed without proper authentication. This could allow an unauthenticated attacker to get access to sensitive information.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-765405.html | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8930F2B-7C37-4059-85FC-0316B631C860", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*", matchCriteriaId: "63F05227-208B-42C8-8D56-A5D106CAD32F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CC216594-D56B-454D-BD2C-50631B8C8F9C", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*", matchCriteriaId: "DD8AD128-F6E2-45BD-9098-EC559D193194", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "11F4F714-F802-4D13-A965-0A22B80DA9D0", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*", matchCriteriaId: "1EA20BB5-024E-4389-A0FE-C218E15D31A8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F61801B9-80FD-45EC-9A20-5C703CB8BE76", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "76F5073F-CAE9-4071-9C86-2B29FB529A49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "058EDB3A-31B8-482F-B825-B0A7E192356E", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "D00C8A81-53EB-425F-A730-AC7505285B73", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "62FC4D21-B225-4349-A8E8-68780CC465D1", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "B3C8FC67-825D-4E55-8341-E449EA98B6AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E84B475-1FB7-4BF1-880B-8DB5137BB941", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "BFAA7370-1B78-4AF8-8358-830460A5E81C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "970B3705-6172-4C00-B402-30A7F23C5A08", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "40D5F6C3-3AC5-40F2-B755-130E24169AB3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7D261FBC-1E4C-4016-AD0E-F234EE36F09A", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "08729226-19DB-410A-A764-B84E5213839D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B5B465BD-D425-44C7-931C-E6DAABB79B67", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "CC372090-E9D1-4CB7-8CDC-8FA439764359", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "28C49CB8-179A-47B7-9B04-FC214382B643", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "70C73C18-EC1D-431A-808F-1C16706B7F26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "896E8488-0AB0-4C39-9729-1E42F4C28419", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "838474F2-85A2-4315-8F0C-B1AAC9B20373", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E525612D-8273-42FD-8DAD-D589ED61C9D6", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "130361E8-6979-492F-89A3-4EFFF8F5379F", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "557BB258-1B9D-457F-9573-85439950C361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC98A393-C374-4411-94FE-9832CD8690ED", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "C951AC92-DD7E-4C24-BC38-1D041D81691C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "C4C96D63-0711-48F8-ADE2-261FCF306049", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "F85BC978-9C30-4484-B6D7-B7A4543EFDA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FA5DA457-347E-4B6B-8003-882BD4D95D64", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B07B2FDF-E6A5-4E06-9328-01F311E85AF9", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "84F1472B-A584-4712-BEF7-7B4BDE166CE2", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*", matchCriteriaId: "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7DB4915-E989-4085-B201-C5CCC86AB924", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*", matchCriteriaId: "E21F9909-8D80-40BE-81E0-6ED7FE140A3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B280EE0D-F3F9-46E3-949F-109844428C35", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*", matchCriteriaId: "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E86AC831-9FB9-4D17-AA06-E68C176F1A23", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*", matchCriteriaId: "9B0933EB-82BE-42BB-978B-C9EC2FE1C795", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A27B28F-A037-4730-A0DD-96BB568F4A58", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*", matchCriteriaId: "82494B5E-80EE-47ED-B87E-CF8C8907B6FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D48EE1B0-3010-44F2-AEF9-A3E35BD03971", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*", matchCriteriaId: "391AD485-A49D-43D0-AAE5-1F58B38D4E22", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The service log files of the affected application can be accessed without proper authentication. This could allow an unauthenticated attacker to get access to sensitive information.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (Todas las versiones < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (Todas las versiones < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (Todas las versiones < V1.1), SIMATIC RF166C (6GT2002-0EE20) (Todas las versiones < V2.2), SIMATIC RF185C (6GT2002-0JE10) (Todas las versiones < V2.2), SIMATIC RF186C (6GT2002-0JE20) (Todas las versiones < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (Todas las versiones < V2.2), SIMATIC RF188C (6GT2002-0JE40) (Todas las versiones < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (Todas las versiones < V2.2), SIMATIC RF360R (6GT2801-5BA30) (Todas las versiones < V2.2). Se puede acceder a los archivos de registro de servicio de la aplicación afectada sin la autenticación adecuada. Esto podría permitir que un atacante no autenticado obtenga acceso a información confidencial.", }, ], id: "CVE-2024-37991", lastModified: "2024-09-18T15:29:44.390", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 3.6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "HIGH", attackRequirements: "NONE", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 6, baseSeverity: "MEDIUM", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "NONE", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "PASSIVE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "NONE", vulnConfidentialityImpact: "HIGH", vulnIntegrityImpact: "NONE", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "productcert@siemens.com", type: "Secondary", }, ], }, published: "2024-09-10T10:15:10.600", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-765405.html", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-06-08 20:15
Modified
2024-11-21 06:05
Severity ?
Summary
A vulnerability has been identified in SIMATIC RF166C (All versions > V1.1 and < V1.3.2), SIMATIC RF185C (All versions > V1.1 and < V1.3.2), SIMATIC RF186C (All versions > V1.1 and < V1.3.2), SIMATIC RF186CI (All versions > V1.1 and < V1.3.2), SIMATIC RF188C (All versions > V1.1 and < V1.3.2), SIMATIC RF188CI (All versions > V1.1 and < V1.3.2), SIMATIC RF360R (All versions < V2.0), SIMATIC Reader RF610R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF610R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF610R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF615R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF615R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF615R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF650R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF650R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF680R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF680R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF685R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF685R FCC (All versions > V3.0 < V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf | Mitigation, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3FAEBD5A-ED36-47C5-8DA5-9845F22EE58D", versionEndExcluding: "1.3.2", versionStartExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*", matchCriteriaId: "391AD485-A49D-43D0-AAE5-1F58B38D4E22", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "82AED53B-754E-4486-B3C9-334CEAFFA51E", versionEndExcluding: "1.3.2", versionStartExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*", matchCriteriaId: "82494B5E-80EE-47ED-B87E-CF8C8907B6FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "625CC7AD-CC00-4D98-AB84-057EC715CAE0", versionEndExcluding: "1.3.2", versionStartExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*", matchCriteriaId: "9B0933EB-82BE-42BB-978B-C9EC2FE1C795", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F22922F9-A759-48DC-9474-1AF21B7E1BF1", versionEndExcluding: "1.3.2", versionStartExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*", matchCriteriaId: "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "22EF569C-77BB-461B-A306-9939C4A40BD7", versionEndExcluding: "1.3.2", versionStartExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*", matchCriteriaId: "E21F9909-8D80-40BE-81E0-6ED7FE140A3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2FFB4E7E-2C7C-42CD-A48B-C4D5AA29F5FB", versionEndExcluding: "1.3.2", versionStartExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*", matchCriteriaId: "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A4963ECC-C73C-4E0D-996B-200FA72457AE", versionEndExcluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*", matchCriteriaId: "63F05227-208B-42C8-8D56-A5D106CAD32F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2BF403B4-5CF2-400B-A478-ED6793C4B1AC", versionEndExcluding: "4.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "49053F22-7090-4F95-A22B-43AE63EA0861", versionEndExcluding: "4.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C641A539-9150-4ACD-A048-D51B47BBE018", versionEndExcluding: "4.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "F85BC978-9C30-4484-B6D7-B7A4543EFDA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3FCB4AEE-63F7-4D51-91B1-004ABA57B8D2", versionEndExcluding: "4.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "C4C96D63-0711-48F8-ADE2-261FCF306049", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "66C94341-A430-4E33-B04F-EC1902CA4931", versionEndExcluding: "4.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "C951AC92-DD7E-4C24-BC38-1D041D81691C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6C72BD0C-B03C-4F53-854F-1075D8169425", versionEndExcluding: "4.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "557BB258-1B9D-457F-9573-85439950C361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1CF3A61A-E125-4BE1-BC05-0F2144B738FD", versionEndExcluding: "4.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "838474F2-85A2-4315-8F0C-B1AAC9B20373", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61CD6B66-2A64-45A8-A64E-D8377E7C8DE7", versionEndExcluding: "4.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "70C73C18-EC1D-431A-808F-1C16706B7F26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "52A14F72-1BFF-40F9-A0B4-C5465E041208", versionEndExcluding: "4.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85FCC663-C190-4F0A-BD69-4E2F44A1EED5", versionEndExcluding: "4.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E645BE68-DB7B-48AC-8A51-CE576B902711", versionEndExcluding: "4.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6371B9FA-0137-4E3E-B32C-F56DD083F6E3", versionEndExcluding: "4.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "08729226-19DB-410A-A764-B84E5213839D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CD90CE56-9B4E-4293-9C46-1FF1348FF6BF", versionEndExcluding: "4.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "40D5F6C3-3AC5-40F2-B755-130E24169AB3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC2CC054-6101-450F-A063-7B51BC021A24", versionEndExcluding: "4.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "CC372090-E9D1-4CB7-8CDC-8FA439764359", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3F33F00E-48FC-4961-9BEA-C336B1238DAB", versionEndExcluding: "4.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "B3C8FC67-825D-4E55-8341-E449EA98B6AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ABF0A163-D7D9-4326-8695-DC8E735F908E", versionEndExcluding: "4.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "D00C8A81-53EB-425F-A730-AC7505285B73", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3C40DE2-564E-4D08-A747-50B64D47C08A", versionEndExcluding: "4.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "76F5073F-CAE9-4071-9C86-2B29FB529A49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A3A8411B-EB2C-422C-BA70-ACF9ABF57F59", versionEndExcluding: "4.0", versionStartIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "BFAA7370-1B78-4AF8-8358-830460A5E81C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC RF166C (All versions > V1.1 and < V1.3.2), SIMATIC RF185C (All versions > V1.1 and < V1.3.2), SIMATIC RF186C (All versions > V1.1 and < V1.3.2), SIMATIC RF186CI (All versions > V1.1 and < V1.3.2), SIMATIC RF188C (All versions > V1.1 and < V1.3.2), SIMATIC RF188CI (All versions > V1.1 and < V1.3.2), SIMATIC RF360R (All versions < V2.0), SIMATIC Reader RF610R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF610R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF610R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF615R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF615R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF615R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF650R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF650R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF680R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF680R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF685R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF685R FCC (All versions > V3.0 < V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC RF166C (Todas las versiones posteriores a V1.1 y y anteriores a V1.3.2), SIMATIC RF185C (Todas las versiones posteriores a V1.1 y y anteriores a V1.3.2), SIMATIC RF186C (Todas las versiones posteriores a V1. 1 y y anteriores a V1.3.2), SIMATIC RF186CI (Todas las versiones posteriores a V1.1 y y anteriores a V1.3.2), SIMATIC RF188C (Todas las versiones posteriores a V1.1 y y anteriores a V1.3.2), SIMATIC RF188CI (Todas las versiones posteriores a V1.1 y y anteriores a V1.3. 2), SIMATIC RF360R (Todas las versiones y anteriores a V2.0), SIMATIC Reader RF610R CMIIT (Todas las versiones posteriores a V3.0 y anteriores a V4.0), SIMATIC Reader RF610R ETSI (Todas las versiones posteriores a V3.0 y anteriores a V4.0), SIMATIC Reader RF610R FCC (Todas las versiones posteriores a V3. 0 y anteriores a V4.0), Lector SIMATIC RF615R CMIIT (Todas las versiones posteriores a V3.0 y anteriores a V4.0), Lector SIMATIC RF615R ETSI (Todas las versiones posteriores a V3.0 y anteriores a V4.0), Lector SIMATIC RF615R FCC (Todas las versiones posteriores a V3. 0 y anteriores a V4.0), Lector SIMATIC RF650R ARIB (Todas las versiones posteriores a V3.0 y anteriores a V4.0), Lector SIMATIC RF650R CMIIT (Todas las versiones posteriores a V3.0 y anteriores a V4.0), Lector SIMATIC RF650R ETSI (Todas las versiones posteriores a V3. 0 y anteriores a V4.0), Lector SIMATIC RF650R FCC (Todas las versiones posteriores a V3.0 y anteriores a V4.0), Lector SIMATIC RF680R ARIB (Todas las versiones posteriores a V3.0 y anteriores a V4.0), Lector SIMATIC RF680R CMIIT (Todas las versiones posteriores a V3.0 y anteriores a V4. 0), SIMATIC Reader RF680R ETSI (Todas las versiones posteriores a V3.0 y anteriores a V4.0), SIMATIC Reader RF680R FCC (Todas las versiones posteriores a V3.0 y anteriores a V4.0), SIMATIC Reader RF685R ARIB (Todas las versiones posteriores a V3.0 y anteriores a V4. 0), SIMATIC Reader RF685R CMIIT (Todas las versiones posteriores a V3.0 y anteriores a V4.0), SIMATIC Reader RF685R ETSI (Todas las versiones posteriores a V3.0 y anteriores a V4.0), SIMATIC Reader RF685R FCC (Todas las versiones posteriores a V3.0 y anteriores a V4.0). Los dispositivos afectados no manejan adecuadamente un gran número de conexiones entrantes. Un atacante puede aprovechar esto para provocar una situación de denegación de servicio", }, ], id: "CVE-2021-31340", lastModified: "2024-11-21T06:05:27.063", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-06-08T20:15:08.853", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-18 15:27
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications contain configuration files which can be modified. An attacker with privilege access can modify these files and enable features that are not released for this device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-765405.html | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8930F2B-7C37-4059-85FC-0316B631C860", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*", matchCriteriaId: "63F05227-208B-42C8-8D56-A5D106CAD32F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CC216594-D56B-454D-BD2C-50631B8C8F9C", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*", matchCriteriaId: "DD8AD128-F6E2-45BD-9098-EC559D193194", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "11F4F714-F802-4D13-A965-0A22B80DA9D0", versionEndExcluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*", matchCriteriaId: "1EA20BB5-024E-4389-A0FE-C218E15D31A8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F61801B9-80FD-45EC-9A20-5C703CB8BE76", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "76F5073F-CAE9-4071-9C86-2B29FB529A49", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "058EDB3A-31B8-482F-B825-B0A7E192356E", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "D00C8A81-53EB-425F-A730-AC7505285B73", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "62FC4D21-B225-4349-A8E8-68780CC465D1", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "B3C8FC67-825D-4E55-8341-E449EA98B6AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E84B475-1FB7-4BF1-880B-8DB5137BB941", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "BFAA7370-1B78-4AF8-8358-830460A5E81C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "970B3705-6172-4C00-B402-30A7F23C5A08", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "40D5F6C3-3AC5-40F2-B755-130E24169AB3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7D261FBC-1E4C-4016-AD0E-F234EE36F09A", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "08729226-19DB-410A-A764-B84E5213839D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B5B465BD-D425-44C7-931C-E6DAABB79B67", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "CC372090-E9D1-4CB7-8CDC-8FA439764359", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "28C49CB8-179A-47B7-9B04-FC214382B643", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "70C73C18-EC1D-431A-808F-1C16706B7F26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "896E8488-0AB0-4C39-9729-1E42F4C28419", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "838474F2-85A2-4315-8F0C-B1AAC9B20373", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E525612D-8273-42FD-8DAD-D589ED61C9D6", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*", matchCriteriaId: "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "130361E8-6979-492F-89A3-4EFFF8F5379F", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "557BB258-1B9D-457F-9573-85439950C361", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DC98A393-C374-4411-94FE-9832CD8690ED", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "C951AC92-DD7E-4C24-BC38-1D041D81691C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "C4C96D63-0711-48F8-ADE2-261FCF306049", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*", matchCriteriaId: "F85BC978-9C30-4484-B6D7-B7A4543EFDA5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FA5DA457-347E-4B6B-8003-882BD4D95D64", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*", matchCriteriaId: "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B07B2FDF-E6A5-4E06-9328-01F311E85AF9", versionEndExcluding: "4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*", matchCriteriaId: "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "84F1472B-A584-4712-BEF7-7B4BDE166CE2", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*", matchCriteriaId: "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7DB4915-E989-4085-B201-C5CCC86AB924", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*", matchCriteriaId: "E21F9909-8D80-40BE-81E0-6ED7FE140A3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B280EE0D-F3F9-46E3-949F-109844428C35", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*", matchCriteriaId: "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E86AC831-9FB9-4D17-AA06-E68C176F1A23", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*", matchCriteriaId: "9B0933EB-82BE-42BB-978B-C9EC2FE1C795", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1A27B28F-A037-4730-A0DD-96BB568F4A58", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*", matchCriteriaId: "82494B5E-80EE-47ED-B87E-CF8C8907B6FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D48EE1B0-3010-44F2-AEF9-A3E35BD03971", versionEndExcluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*", matchCriteriaId: "391AD485-A49D-43D0-AAE5-1F58B38D4E22", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications contain configuration files which can be modified. An attacker with privilege access can modify these files and enable features that are not released for this device.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (Todas las versiones < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (Todas las versiones < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (Todas las versiones < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (Todas las versiones < V1.1), SIMATIC RF166C (6GT2002-0EE20) (Todas las versiones < V2.2), SIMATIC RF185C (6GT2002-0JE10) (Todas las versiones < V2.2), SIMATIC RF186C (6GT2002-0JE20) (Todas las versiones < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (Todas las versiones < V2.2), SIMATIC RF188C (6GT2002-0JE40) (Todas las versiones < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (Todas las versiones < V2.2), SIMATIC RF360R (6GT2801-5BA30) (Todas las versiones < V2.2). Las aplicaciones afectadas contienen archivos de configuración que se pueden modificar. Un atacante con acceso privilegiado puede modificar estos archivos y habilitar funciones que no están disponibles para este dispositivo.", }, ], id: "CVE-2024-37990", lastModified: "2024-09-18T15:27:53.563", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.2, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 7, baseSeverity: "HIGH", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "HIGH", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "HIGH", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "productcert@siemens.com", type: "Secondary", }, ], }, published: "2024-09-10T10:15:10.227", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-765405.html", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-912", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
CVE-2019-6568 (GCVE-0-2019-6568)
Vulnerability from cvelistv5
Published
2019-04-17 13:40
Modified
2024-08-04 20:23
Severity ?
EPSS score ?
Summary
The webserver of the affected devices contains a vulnerability that may lead to
a denial of service condition. An attacker may cause a denial of service
situation which leads to a restart of the webserver of the affected device.
The security vulnerability could be exploited by an attacker with network
access to the affected systems. Successful exploitation requires no system
privileges and no user interaction. An attacker could use the vulnerability
to compromise availability of the device.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:23:22.207Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC CP 1604", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 1616", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 343-1 Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1 Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC CP 443-1 OPC UA", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200pro IM154-8 PN/DP CPU", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200pro IM154-8F PN/DP CPU", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200pro IM154-8FX PN/DP CPU", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200S IM151-8 PN/DP CPU", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200S IM151-8F PN/DP CPU", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1.6", }, ], }, { defaultStatus: "unknown", product: "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC HMI Comfort Outdoor Panels 7\" & 15\" (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Upd4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Upd4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Upd4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC IPC DiagMonitor", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.1.3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF182C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF185C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.1.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF186C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.1.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF188C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.1.0", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF600R family", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RFID 181EIP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.6.1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-1500 Software Controller", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-300 CPU 314C-2 PN/DP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.16", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-300 CPU 315-2 PN/DP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-300 CPU 315F-2 PN/DP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-300 CPU 315T-3 PN/DP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-300 CPU 317-2 PN/DP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-300 CPU 317F-2 PN/DP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-300 CPU 317T-3 PN/DP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-300 CPU 317TF-3 PN/DP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-300 CPU 319-3 PN/DP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-300 CPU 319F-3 PN/DP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-PLCSIM Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0 SP1 UPD1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Teleservice Adapter IE Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Teleservice Adapter IE Basic", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Teleservice Adapter IE Standard", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinAC RTX 2010", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2010 SP3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinAC RTX F 2010", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2010 SP3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Upd4", }, ], }, { defaultStatus: "unknown", product: "SIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.1.3", }, ], }, { defaultStatus: "unknown", product: "SIMOCODE pro V PROFINET (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1.3", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G130 V4.6 Control Unit", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G130 V4.7 Control Unit", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G130 V4.7 SP1 Control Unit", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G130 V4.8 Control Unit", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 HF6", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G130 V5.1 Control Unit", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G130 V5.1 SP1 Control Unit", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.1 SP1 HF4", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G150 V4.6 Control Unit", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G150 V4.7 Control Unit", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G150 V4.7 SP1 Control Unit", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G150 V4.8 Control Unit", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 HF6", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G150 V5.1 Control Unit", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS G150 V5.1 SP1 Control Unit", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.1 SP1 HF4", }, ], }, { defaultStatus: "unknown", product: "SINAMICS GH150 V4.7 (Control Unit)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS GH150 V4.8 (Control Unit)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 SP2 HF9", }, ], }, { defaultStatus: "unknown", product: "SINAMICS GL150 V4.7 (Control Unit)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS GL150 V4.8 (Control Unit)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 SP2 HF9", }, ], }, { defaultStatus: "unknown", product: "SINAMICS GM150 V4.7 (Control Unit)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS GM150 V4.8 (Control Unit)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 SP2 HF9", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S120 V4.6 Control Unit (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S120 V4.7 SP1 Control Unit (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S120 V4.8 Control Unit (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 HF6", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S120 V5.1 Control Unit (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S120 V5.1 SP1 Control Unit (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.1 SP1 HF4", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S150 V4.6 Control Unit", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S150 V4.7 Control Unit", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S150 V4.7 SP1 Control Unit", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S150 V4.8 Control Unit", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 HF6", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S150 V5.1 Control Unit", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S150 V5.1 SP1 Control Unit", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.1 SP1 HF4", }, ], }, { defaultStatus: "unknown", product: "SINAMICS S210", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.1 SP1 HF8", }, ], }, { defaultStatus: "unknown", product: "SINAMICS SL150 V4.7 (Control Unit)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.7 HF33", }, ], }, { defaultStatus: "unknown", product: "SINAMICS SL150 V4.8 (Control Unit)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS SM120 V4.7 (Control Unit)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SINAMICS SM120 V4.8 (Control Unit)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.8 SP2 HF10", }, ], }, { defaultStatus: "unknown", product: "SINAMICS SM150 V4.8 (Control Unit)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200S IM151-8 PN/DP CPU", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIPLUS ET 200S IM151-8F PN/DP CPU", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 343-1 Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 443-1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { defaultStatus: "unknown", product: "SIPLUS NET CP 443-1 Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-300 CPU 314C-2 PN/DP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3.16", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-300 CPU 315-2 PN/DP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-300 CPU 315F-2 PN/DP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-300 CPU 317-2 PN/DP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SIPLUS S7-300 CPU 317F-2 PN/DP", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2.16", }, ], }, { defaultStatus: "unknown", product: "SITOP Manager", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.1", }, ], }, { defaultStatus: "unknown", product: "SITOP PSU8600", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.5", }, ], }, { defaultStatus: "unknown", product: "SITOP UPS1600 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.3", }, ], }, { defaultStatus: "unknown", product: "TIM 1531 IRC (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1", }, ], }, ], descriptions: [ { lang: "en", value: "The webserver of the affected devices contains a vulnerability that may lead to\r\na denial of service condition. An attacker may cause a denial of service\r\nsituation which leads to a restart of the webserver of the affected device.\r\n\r\nThe security vulnerability could be exploited by an attacker with network\r\naccess to the affected systems. Successful exploitation requires no system\r\nprivileges and no user interaction. An attacker could use the vulnerability\r\nto compromise availability of the device.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125: Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-09T11:51:03.049Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2019-6568", datePublished: "2019-04-17T13:40:24", dateReserved: "2019-01-22T00:00:00", dateUpdated: "2024-08-04T20:23:22.207Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-37993 (GCVE-0-2024-37993)
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2024-09-10 15:04
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications do not authenticated the creation of Ajax2App instances. This could allow an unauthenticated attacker to cause a denial of service condition.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC Reader RF610R CMIIT |
Version: 0 < V4.2 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-37993", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-10T15:04:12.477171Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-10T15:04:32.084Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC Reader RF610R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF610R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF610R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF615R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF615R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF615R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R ARIB", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R ARIB", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R ARIB", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF1140R", vendor: "Siemens", versions: [ { lessThan: "V1.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF1170R", vendor: "Siemens", versions: [ { lessThan: "V1.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF166C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF185C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF186C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF186CI", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF188C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF188CI", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF360R", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications do not authenticated the creation of Ajax2App instances. This could allow an unauthenticated attacker to cause a denial of service condition.", }, ], metrics: [ { cvssV3_1: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, { cvssV4_0: { baseScore: 6.9, baseSeverity: "MEDIUM", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284: Improper Access Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-10T09:36:39.074Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-765405.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2024-37993", datePublished: "2024-09-10T09:36:39.074Z", dateReserved: "2024-06-11T08:32:52.184Z", dateUpdated: "2024-09-10T15:04:32.084Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-5391 (GCVE-0-2018-5391)
Vulnerability from cvelistv5
Published
2018-09-06 21:00
Modified
2024-08-05 05:33
Severity ?
EPSS score ?
Summary
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2018:3540 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2785 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:3083 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2925 | vendor-advisory, x_refsource_REDHAT | |
| https://www.kb.cert.org/vuls/id/641765 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt | x_refsource_CONFIRM | |
| https://usn.ubuntu.com/3741-2/ | vendor-advisory, x_refsource_UBUNTU | |
| http://www.securitytracker.com/id/1041476 | vdb-entry, x_refsource_SECTRACK | |
| https://access.redhat.com/errata/RHSA-2018:3459 | vendor-advisory, x_refsource_REDHAT | |
| https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f | x_refsource_MISC | |
| https://access.redhat.com/errata/RHSA-2018:2933 | vendor-advisory, x_refsource_REDHAT | |
| https://usn.ubuntu.com/3740-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://usn.ubuntu.com/3741-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://access.redhat.com/errata/RHSA-2018:3590 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2948 | vendor-advisory, x_refsource_REDHAT | |
| https://usn.ubuntu.com/3742-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://usn.ubuntu.com/3740-1/ | vendor-advisory, x_refsource_UBUNTU | |
| http://www.securityfocus.com/bid/105108 | vdb-entry, x_refsource_BID | |
| https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html | mailing-list, x_refsource_MLIST | |
| https://usn.ubuntu.com/3742-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://access.redhat.com/errata/RHSA-2018:2924 | vendor-advisory, x_refsource_REDHAT | |
| https://www.debian.org/security/2018/dsa-4272 | vendor-advisory, x_refsource_DEBIAN | |
| https://access.redhat.com/errata/RHSA-2018:3586 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2846 | vendor-advisory, x_refsource_REDHAT | |
| http://www.securitytracker.com/id/1041637 | vdb-entry, x_refsource_SECTRACK | |
| https://access.redhat.com/errata/RHSA-2018:3096 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2018:2791 | vendor-advisory, x_refsource_REDHAT | |
| https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html | mailing-list, x_refsource_MLIST | |
| https://security.netapp.com/advisory/ntap-20181003-0002/ | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2019/06/28/2 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2019/07/06/3 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2019/07/06/4 | mailing-list, x_refsource_MLIST | |
| https://support.f5.com/csp/article/K74374841?utm_source=f5support&%3Butm_medium=RSS | x_refsource_CONFIRM | |
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T05:33:44.368Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2018:3540", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3540", }, { name: "RHSA-2018:2785", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2785", }, { name: "RHSA-2018:3083", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3083", }, { name: "RHSA-2018:2925", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2925", }, { name: "VU#641765", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/641765", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt", }, { name: "USN-3741-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3741-2/", }, { name: "1041476", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041476", }, { name: "RHSA-2018:3459", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3459", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f", }, { name: "RHSA-2018:2933", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2933", }, { name: "USN-3740-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3740-2/", }, { name: "USN-3741-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3741-1/", }, { name: "RHSA-2018:3590", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3590", }, { name: "RHSA-2018:2948", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { name: "USN-3742-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3742-2/", }, { name: "USN-3740-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3740-1/", }, { name: "105108", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/105108", }, { name: "[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html", }, { name: "USN-3742-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3742-1/", }, { name: "RHSA-2018:2924", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2924", }, { name: "DSA-4272", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4272", }, { name: "RHSA-2018:3586", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3586", }, { name: "RHSA-2018:2846", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2846", }, { name: "1041637", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041637", }, { name: "RHSA-2018:3096", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:3096", }, { name: "RHSA-2018:2791", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:2791", }, { name: "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20181003-0002/", }, { name: "[oss-security] 20190628 Re: linux-distros membership application - Microsoft", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/06/28/2", }, { name: "[oss-security] 20190706 Re: linux-distros membership application - Microsoft", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/07/06/3", }, { name: "[oss-security] 20190706 Re: linux-distros membership application - Microsoft", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/07/06/4", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K74374841?utm_source=f5support&%3Butm_medium=RSS", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Kernel", vendor: "Linux", versions: [ { lessThan: "3.9*", status: "affected", version: "3.9", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Thanks to Juha-Matti Tilli (Aalto University, Department of Communications and Networking / Nokia Bell Labs) for reporting this vulnerability.", }, ], datePublic: "2018-09-06T00:00:00", descriptions: [ { lang: "en", value: "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-14T12:06:39", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { name: "RHSA-2018:3540", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3540", }, { name: "RHSA-2018:2785", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2785", }, { name: "RHSA-2018:3083", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3083", }, { name: "RHSA-2018:2925", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2925", }, { name: "VU#641765", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "https://www.kb.cert.org/vuls/id/641765", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt", }, { name: "USN-3741-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3741-2/", }, { name: "1041476", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041476", }, { name: "RHSA-2018:3459", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3459", }, { tags: [ "x_refsource_MISC", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f", }, { name: "RHSA-2018:2933", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2933", }, { name: "USN-3740-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3740-2/", }, { name: "USN-3741-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3741-1/", }, { name: "RHSA-2018:3590", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3590", }, { name: "RHSA-2018:2948", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { name: "USN-3742-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3742-2/", }, { name: "USN-3740-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3740-1/", }, { name: "105108", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/105108", }, { name: "[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html", }, { name: "USN-3742-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3742-1/", }, { name: "RHSA-2018:2924", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2924", }, { name: "DSA-4272", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2018/dsa-4272", }, { name: "RHSA-2018:3586", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3586", }, { name: "RHSA-2018:2846", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2846", }, { name: "1041637", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041637", }, { name: "RHSA-2018:3096", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:3096", }, { name: "RHSA-2018:2791", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:2791", }, { name: "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20181003-0002/", }, { name: "[oss-security] 20190628 Re: linux-distros membership application - Microsoft", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/06/28/2", }, { name: "[oss-security] 20190706 Re: linux-distros membership application - Microsoft", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/07/06/3", }, { name: "[oss-security] 20190706 Re: linux-distros membership application - Microsoft", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/07/06/4", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K74374841?utm_source=f5support&%3Butm_medium=RSS", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf", }, ], source: { discovery: "UNKNOWN", }, title: "The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cert@cert.org", ID: "CVE-2018-5391", STATE: "PUBLIC", TITLE: "The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Kernel", version: { version_data: [ { affected: ">=", version_affected: ">=", version_name: "3.9", version_value: "3.9", }, ], }, }, ], }, vendor_name: "Linux", }, ], }, }, credit: [ { lang: "eng", value: "Thanks to Juha-Matti Tilli (Aalto University, Department of Communications and Networking / Nokia Bell Labs) for reporting this vulnerability.", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-400", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2018:3540", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3540", }, { name: "RHSA-2018:2785", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2785", }, { name: "RHSA-2018:3083", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3083", }, { name: "RHSA-2018:2925", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2925", }, { name: "VU#641765", refsource: "CERT-VN", url: "https://www.kb.cert.org/vuls/id/641765", }, { name: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt", refsource: "CONFIRM", url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt", }, { name: "USN-3741-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3741-2/", }, { name: "1041476", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041476", }, { name: "RHSA-2018:3459", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3459", }, { name: "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f", refsource: "MISC", url: "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f", }, { name: "RHSA-2018:2933", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2933", }, { name: "USN-3740-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3740-2/", }, { name: "USN-3741-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3741-1/", }, { name: "RHSA-2018:3590", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3590", }, { name: "RHSA-2018:2948", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { name: "USN-3742-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3742-2/", }, { name: "USN-3740-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3740-1/", }, { name: "105108", refsource: "BID", url: "http://www.securityfocus.com/bid/105108", }, { name: "[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html", }, { name: "USN-3742-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3742-1/", }, { name: "RHSA-2018:2924", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2924", }, { name: "DSA-4272", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4272", }, { name: "RHSA-2018:3586", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3586", }, { name: "RHSA-2018:2846", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2846", }, { name: "1041637", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041637", }, { name: "RHSA-2018:3096", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:3096", }, { name: "RHSA-2018:2791", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:2791", }, { name: "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html", }, { name: "https://security.netapp.com/advisory/ntap-20181003-0002/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20181003-0002/", }, { name: "[oss-security] 20190628 Re: linux-distros membership application - Microsoft", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/06/28/2", }, { name: "[oss-security] 20190706 Re: linux-distros membership application - Microsoft", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/07/06/3", }, { name: "[oss-security] 20190706 Re: linux-distros membership application - Microsoft", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/07/06/4", }, { name: "https://support.f5.com/csp/article/K74374841?utm_source=f5support&utm_medium=RSS", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K74374841?utm_source=f5support&utm_medium=RSS", }, { name: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en", refsource: "CONFIRM", url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2018-5391", datePublished: "2018-09-06T21:00:00", dateReserved: "2018-01-12T00:00:00", dateUpdated: "2024-08-05T05:33:44.368Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-37994 (GCVE-0-2024-37994)
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2024-09-10 15:03
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected application contains a hidden configuration item to enable debug functionality. This could allow an attacker to gain insight into the internal configuration of the deployment.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC Reader RF610R CMIIT |
Version: 0 < V4.2 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-37994", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-10T15:03:36.814417Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-10T15:03:52.417Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC Reader RF610R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF610R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF610R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF615R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF615R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF615R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R ARIB", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R ARIB", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R ARIB", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF1140R", vendor: "Siemens", versions: [ { lessThan: "V1.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF1170R", vendor: "Siemens", versions: [ { lessThan: "V1.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF166C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF185C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF186C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF186CI", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF188C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF188CI", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF360R", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected application contains a hidden configuration item to enable debug functionality. This could allow an attacker to gain insight into the internal configuration of the deployment.", }, ], metrics: [ { cvssV3_1: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, }, { cvssV4_0: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-912", description: "CWE-912: Hidden Functionality", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-10T09:36:40.841Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-765405.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2024-37994", datePublished: "2024-09-10T09:36:40.841Z", dateReserved: "2024-06-11T08:32:52.184Z", dateUpdated: "2024-09-10T15:03:52.417Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-3449 (GCVE-0-2021-3449)
Vulnerability from cvelistv5
Published
2021-03-25 14:25
Modified
2024-09-17 03:43
Severity ?
EPSS score ?
Summary
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.openssl.org/news/secadv/20210325.txt | ||
| https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148 | ||
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd | vendor-advisory | |
| https://www.debian.org/security/2021/dsa-4875 | vendor-advisory | |
| http://www.openwall.com/lists/oss-security/2021/03/27/1 | mailing-list | |
| http://www.openwall.com/lists/oss-security/2021/03/27/2 | mailing-list | |
| http://www.openwall.com/lists/oss-security/2021/03/28/3 | mailing-list | |
| http://www.openwall.com/lists/oss-security/2021/03/28/4 | mailing-list | |
| https://security.gentoo.org/glsa/202103-03 | vendor-advisory | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/ | vendor-advisory | |
| https://www.oracle.com/security-alerts/cpuApr2021.html | ||
| https://www.tenable.com/security/tns-2021-10 | ||
| https://www.tenable.com/security/tns-2021-09 | ||
| https://security.netapp.com/advisory/ntap-20210513-0002/ | ||
| https://security.netapp.com/advisory/ntap-20210326-0006/ | ||
| https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc | ||
| https://www.tenable.com/security/tns-2021-06 | ||
| https://www.tenable.com/security/tns-2021-05 | ||
| https://kc.mcafee.com/corporate/index?page=content&id=SB10356 | ||
| https://www.oracle.com//security-alerts/cpujul2021.html | ||
| https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf | ||
| https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845 | ||
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013 | ||
| https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html | mailing-list | |
| https://www.oracle.com/security-alerts/cpuoct2021.html | ||
| https://www.oracle.com/security-alerts/cpuapr2022.html | ||
| https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf | ||
| https://www.oracle.com/security-alerts/cpujul2022.html | ||
| https://security.netapp.com/advisory/ntap-20240621-0006/ |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:53:17.609Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.openssl.org/news/secadv/20210325.txt", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148", }, { name: "20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021", tags: [ "vendor-advisory", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", }, { name: "DSA-4875", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4875", }, { name: "[oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { name: "[oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { name: "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { name: "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { name: "GLSA-202103-03", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202103-03", }, { name: "FEDORA-2021-cbf14ab8f9", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-10", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-09", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { tags: [ "x_transferred", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-06", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-05", }, { tags: [ "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", }, { tags: [ "x_transferred", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", }, { tags: [ "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", }, { name: "[debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "OpenSSL", vendor: "OpenSSL", versions: [ { status: "affected", version: "Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)", }, ], }, ], credits: [ { lang: "en", value: "Peter Kästle (Nokia) and Samuel Sapalski (Nokia)", }, ], datePublic: "2021-03-25T00:00:00", descriptions: [ { lang: "en", value: "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).", }, ], metrics: [ { other: { content: { lang: "eng", url: "https://www.openssl.org/policies/secpolicy.html#High", value: "High", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { description: "NULL pointer dereference", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-21T19:05:57.096577", orgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", shortName: "openssl", }, references: [ { url: "https://www.openssl.org/news/secadv/20210325.txt", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148", }, { name: "20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021", tags: [ "vendor-advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", }, { name: "DSA-4875", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-4875", }, { name: "[oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { name: "[oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { name: "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { name: "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { name: "GLSA-202103-03", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202103-03", }, { name: "FEDORA-2021-cbf14ab8f9", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", }, { url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { url: "https://www.tenable.com/security/tns-2021-10", }, { url: "https://www.tenable.com/security/tns-2021-09", }, { url: "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { url: "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", }, { url: "https://www.tenable.com/security/tns-2021-06", }, { url: "https://www.tenable.com/security/tns-2021-05", }, { url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", }, { url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", }, { url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", }, { url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", }, { name: "[debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", }, { url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "NULL pointer deref in signature_algorithms processing", }, }, cveMetadata: { assignerOrgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", assignerShortName: "openssl", cveId: "CVE-2021-3449", datePublished: "2021-03-25T14:25:13.659307Z", dateReserved: "2021-03-17T00:00:00", dateUpdated: "2024-09-17T03:43:55.497Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-31340 (GCVE-0-2021-31340)
Vulnerability from cvelistv5
Published
2021-06-08 19:47
Modified
2024-08-03 22:55
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC RF166C (All versions > V1.1 and < V1.3.2), SIMATIC RF185C (All versions > V1.1 and < V1.3.2), SIMATIC RF186C (All versions > V1.1 and < V1.3.2), SIMATIC RF186CI (All versions > V1.1 and < V1.3.2), SIMATIC RF188C (All versions > V1.1 and < V1.3.2), SIMATIC RF188CI (All versions > V1.1 and < V1.3.2), SIMATIC RF360R (All versions < V2.0), SIMATIC Reader RF610R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF610R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF610R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF615R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF615R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF615R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF650R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF650R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF680R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF680R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF685R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF685R FCC (All versions > V3.0 < V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC RF166C |
Version: All versions > V1.1 and < V1.3.2 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T22:55:53.544Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC RF166C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V1.1 and < V1.3.2", }, ], }, { product: "SIMATIC RF185C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V1.1 and < V1.3.2", }, ], }, { product: "SIMATIC RF186C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V1.1 and < V1.3.2", }, ], }, { product: "SIMATIC RF186CI", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V1.1 and < V1.3.2", }, ], }, { product: "SIMATIC RF188C", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V1.1 and < V1.3.2", }, ], }, { product: "SIMATIC RF188CI", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V1.1 and < V1.3.2", }, ], }, { product: "SIMATIC RF360R", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.0", }, ], }, { product: "SIMATIC Reader RF610R CMIIT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V3.0 < V4.0", }, ], }, { product: "SIMATIC Reader RF610R ETSI", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V3.0 < V4.0", }, ], }, { product: "SIMATIC Reader RF610R FCC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V3.0 < V4.0", }, ], }, { product: "SIMATIC Reader RF615R CMIIT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V3.0 < V4.0", }, ], }, { product: "SIMATIC Reader RF615R ETSI", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V3.0 < V4.0", }, ], }, { product: "SIMATIC Reader RF615R FCC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V3.0 < V4.0", }, ], }, { product: "SIMATIC Reader RF650R ARIB", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V3.0 < V4.0", }, ], }, { product: "SIMATIC Reader RF650R CMIIT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V3.0 < V4.0", }, ], }, { product: "SIMATIC Reader RF650R ETSI", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V3.0 < V4.0", }, ], }, { product: "SIMATIC Reader RF650R FCC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V3.0 < V4.0", }, ], }, { product: "SIMATIC Reader RF680R ARIB", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V3.0 < V4.0", }, ], }, { product: "SIMATIC Reader RF680R CMIIT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V3.0 < V4.0", }, ], }, { product: "SIMATIC Reader RF680R ETSI", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V3.0 < V4.0", }, ], }, { product: "SIMATIC Reader RF680R FCC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V3.0 < V4.0", }, ], }, { product: "SIMATIC Reader RF685R ARIB", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V3.0 < V4.0", }, ], }, { product: "SIMATIC Reader RF685R CMIIT", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V3.0 < V4.0", }, ], }, { product: "SIMATIC Reader RF685R ETSI", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V3.0 < V4.0", }, ], }, { product: "SIMATIC Reader RF685R FCC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions > V3.0 < V4.0", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC RF166C (All versions > V1.1 and < V1.3.2), SIMATIC RF185C (All versions > V1.1 and < V1.3.2), SIMATIC RF186C (All versions > V1.1 and < V1.3.2), SIMATIC RF186CI (All versions > V1.1 and < V1.3.2), SIMATIC RF188C (All versions > V1.1 and < V1.3.2), SIMATIC RF188CI (All versions > V1.1 and < V1.3.2), SIMATIC RF360R (All versions < V2.0), SIMATIC Reader RF610R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF610R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF610R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF615R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF615R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF615R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF650R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF650R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF680R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF680R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF685R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF685R FCC (All versions > V3.0 < V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400: Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-10T09:46:26", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2021-31340", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC RF166C", version: { version_data: [ { version_value: "All versions > V1.1 and < V1.3.2", }, ], }, }, { product_name: "SIMATIC RF185C", version: { version_data: [ { version_value: "All versions > V1.1 and < V1.3.2", }, ], }, }, { product_name: "SIMATIC RF186C", version: { version_data: [ { version_value: "All versions > V1.1 and < V1.3.2", }, ], }, }, { product_name: "SIMATIC RF186CI", version: { version_data: [ { version_value: "All versions > V1.1 and < V1.3.2", }, ], }, }, { product_name: "SIMATIC RF188C", version: { version_data: [ { version_value: "All versions > V1.1 and < V1.3.2", }, ], }, }, { product_name: "SIMATIC RF188CI", version: { version_data: [ { version_value: "All versions > V1.1 and < V1.3.2", }, ], }, }, { product_name: "SIMATIC RF360R", version: { version_data: [ { version_value: "All versions < V2.0", }, ], }, }, { product_name: "SIMATIC Reader RF610R CMIIT", version: { version_data: [ { version_value: "All versions > V3.0 < V4.0", }, ], }, }, { product_name: "SIMATIC Reader RF610R ETSI", version: { version_data: [ { version_value: "All versions > V3.0 < V4.0", }, ], }, }, { product_name: "SIMATIC Reader RF610R FCC", version: { version_data: [ { version_value: "All versions > V3.0 < V4.0", }, ], }, }, { product_name: "SIMATIC Reader RF615R CMIIT", version: { version_data: [ { version_value: "All versions > V3.0 < V4.0", }, ], }, }, { product_name: "SIMATIC Reader RF615R ETSI", version: { version_data: [ { version_value: "All versions > V3.0 < V4.0", }, ], }, }, { product_name: "SIMATIC Reader RF615R FCC", version: { version_data: [ { version_value: "All versions > V3.0 < V4.0", }, ], }, }, { product_name: "SIMATIC Reader RF650R ARIB", version: { version_data: [ { version_value: "All versions > V3.0 < V4.0", }, ], }, }, { product_name: "SIMATIC Reader RF650R CMIIT", version: { version_data: [ { version_value: "All versions > V3.0 < V4.0", }, ], }, }, { product_name: "SIMATIC Reader RF650R ETSI", version: { version_data: [ { version_value: "All versions > V3.0 < V4.0", }, ], }, }, { product_name: "SIMATIC Reader RF650R FCC", version: { version_data: [ { version_value: "All versions > V3.0 < V4.0", }, ], }, }, { product_name: "SIMATIC Reader RF680R ARIB", version: { version_data: [ { version_value: "All versions > V3.0 < V4.0", }, ], }, }, { product_name: "SIMATIC Reader RF680R CMIIT", version: { version_data: [ { version_value: "All versions > V3.0 < V4.0", }, ], }, }, { product_name: "SIMATIC Reader RF680R ETSI", version: { version_data: [ { version_value: "All versions > V3.0 < V4.0", }, ], }, }, { product_name: "SIMATIC Reader RF680R FCC", version: { version_data: [ { version_value: "All versions > V3.0 < V4.0", }, ], }, }, { product_name: "SIMATIC Reader RF685R ARIB", version: { version_data: [ { version_value: "All versions > V3.0 < V4.0", }, ], }, }, { product_name: "SIMATIC Reader RF685R CMIIT", version: { version_data: [ { version_value: "All versions > V3.0 < V4.0", }, ], }, }, { product_name: "SIMATIC Reader RF685R ETSI", version: { version_data: [ { version_value: "All versions > V3.0 < V4.0", }, ], }, }, { product_name: "SIMATIC Reader RF685R FCC", version: { version_data: [ { version_value: "All versions > V3.0 < V4.0", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC RF166C (All versions > V1.1 and < V1.3.2), SIMATIC RF185C (All versions > V1.1 and < V1.3.2), SIMATIC RF186C (All versions > V1.1 and < V1.3.2), SIMATIC RF186CI (All versions > V1.1 and < V1.3.2), SIMATIC RF188C (All versions > V1.1 and < V1.3.2), SIMATIC RF188CI (All versions > V1.1 and < V1.3.2), SIMATIC RF360R (All versions < V2.0), SIMATIC Reader RF610R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF610R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF610R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF615R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF615R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF615R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF650R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF650R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF680R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF680R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF685R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF685R FCC (All versions > V3.0 < V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-400: Uncontrolled Resource Consumption", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-31340", datePublished: "2021-06-08T19:47:16", dateReserved: "2021-04-15T00:00:00", dateUpdated: "2024-08-03T22:55:53.544Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-37991 (GCVE-0-2024-37991)
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2024-09-10 15:09
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
6.0 (Medium) - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
6.0 (Medium) - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The service log files of the affected application can be accessed without proper authentication. This could allow an unauthenticated attacker to get access to sensitive information.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC Reader RF610R CMIIT |
Version: 0 < V4.2 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-37991", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-10T15:09:26.404268Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-10T15:09:35.340Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC Reader RF610R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF610R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF610R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF615R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF615R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF615R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R ARIB", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R ARIB", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R ARIB", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF1140R", vendor: "Siemens", versions: [ { lessThan: "V1.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF1170R", vendor: "Siemens", versions: [ { lessThan: "V1.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF166C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF185C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF186C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF186CI", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF188C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF188CI", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF360R", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The service log files of the affected application can be accessed without proper authentication. This could allow an unauthenticated attacker to get access to sensitive information.", }, ], metrics: [ { cvssV3_1: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, }, { cvssV4_0: { baseScore: 6, baseSeverity: "MEDIUM", vectorString: "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-10T09:36:35.565Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-765405.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2024-37991", datePublished: "2024-09-10T09:36:35.565Z", dateReserved: "2024-06-11T08:32:52.183Z", dateUpdated: "2024-09-10T15:09:35.340Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-37990 (GCVE-0-2024-37990)
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2024-09-10 15:12
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
7.0 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
7.0 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications contain configuration files which can be modified. An attacker with privilege access can modify these files and enable features that are not released for this device.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC Reader RF610R CMIIT |
Version: 0 < V4.2 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-37990", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-10T15:12:00.893655Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-10T15:12:10.308Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC Reader RF610R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF610R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF610R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF615R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF615R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF615R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R ARIB", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R ARIB", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R ARIB", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF1140R", vendor: "Siemens", versions: [ { lessThan: "V1.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF1170R", vendor: "Siemens", versions: [ { lessThan: "V1.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF166C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF185C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF186C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF186CI", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF188C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF188CI", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF360R", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications contain configuration files which can be modified. An attacker with privilege access can modify these files and enable features that are not released for this device.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, }, { cvssV4_0: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-912", description: "CWE-912: Hidden Functionality", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-10T09:36:33.772Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-765405.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2024-37990", datePublished: "2024-09-10T09:36:33.772Z", dateReserved: "2024-06-11T08:32:52.183Z", dateUpdated: "2024-09-10T15:12:10.308Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-37995 (GCVE-0-2024-37995)
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2024-09-10 15:09
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected application improperly handles error while a faulty certificate upload leading to crashing of application. This vulnerability could allow an attacker to disclose sensitive information.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC Reader RF610R CMIIT |
Version: 0 < V4.2 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-37995", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-10T15:08:52.987640Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-10T15:09:02.700Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC Reader RF610R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF610R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF610R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF615R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF615R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF615R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R ARIB", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R ARIB", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R ARIB", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF1140R", vendor: "Siemens", versions: [ { lessThan: "V1.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF1170R", vendor: "Siemens", versions: [ { lessThan: "V1.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF166C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF185C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF186C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF186CI", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF188C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF188CI", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF360R", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected application improperly handles error while a faulty certificate upload leading to crashing of application. This vulnerability could allow an attacker to disclose sensitive information.", }, ], metrics: [ { cvssV3_1: { baseScore: 2.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, { cvssV4_0: { baseScore: 2.1, baseSeverity: "LOW", vectorString: "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-703", description: "CWE-703: Improper Check or Handling of Exceptional Conditions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-10T09:36:42.714Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-765405.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2024-37995", datePublished: "2024-09-10T09:36:42.714Z", dateReserved: "2024-06-11T08:32:52.184Z", dateUpdated: "2024-09-10T15:09:02.700Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-37992 (GCVE-0-2024-37992)
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2024-09-10 15:08
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
5.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected devices does not properly handle the error in case of exceeding characters while setting SNMP leading to the restart of the application.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC Reader RF610R CMIIT |
Version: 0 < V4.2 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-37992", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-10T15:04:53.594332Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-10T15:08:09.459Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC Reader RF610R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF610R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF610R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF615R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF615R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF615R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R ARIB", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF650R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R ARIB", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF680R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R ARIB", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R CMIIT", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R ETSI", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Reader RF685R FCC", vendor: "Siemens", versions: [ { lessThan: "V4.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF1140R", vendor: "Siemens", versions: [ { lessThan: "V1.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF1170R", vendor: "Siemens", versions: [ { lessThan: "V1.1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF166C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF185C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF186C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF186CI", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF188C", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF188CI", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC RF360R", vendor: "Siemens", versions: [ { lessThan: "V2.2", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected devices does not properly handle the error in case of exceeding characters while setting SNMP leading to the restart of the application.", }, ], metrics: [ { cvssV3_1: { baseScore: 4.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { cvssV4_0: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-703", description: "CWE-703: Improper Check or Handling of Exceptional Conditions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-10T09:36:37.300Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-765405.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2024-37992", datePublished: "2024-09-10T09:36:37.300Z", dateReserved: "2024-06-11T08:32:52.183Z", dateUpdated: "2024-09-10T15:08:09.459Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }