Vulnerabilites related to siemens - simatic_step_7
CVE-2020-7580 (GCVE-0-2020-7580)
Vulnerability from cvelistv5
Published
2020-06-10 00:00
Modified
2024-08-04 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC Automation Tool |
Version: All versions < V4 SP2 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:33:19.492Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf", }, { tags: [ "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC Automation Tool", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4 SP2", }, ], }, { product: "SIMATIC NET PC Software V14", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP1 Update 14", }, ], }, { product: "SIMATIC NET PC Software V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC NET PC Software V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Upd3", }, ], }, { product: "SIMATIC PCS neo", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0 SP1", }, ], }, { product: "SIMATIC ProSave", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V17", }, ], }, { product: "SIMATIC S7-1500 Software Controller", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V21.8", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V13", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V13 SP2 Update 4", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V14", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP1 Update 10", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 5", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 2", }, ], }, { product: "SIMATIC STEP 7 V5", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.6 SP2 HF3", }, ], }, { product: "SIMATIC WinCC OA V3.16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.16 P018", }, ], }, { product: "SIMATIC WinCC OA V3.17", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.17 P003", }, ], }, { product: "SIMATIC WinCC Runtime Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 2", }, ], }, { product: "SIMATIC WinCC Runtime Professional V13", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V13 SP2 Update 4", }, ], }, { product: "SIMATIC WinCC Runtime Professional V14", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP1 Update 10", }, ], }, { product: "SIMATIC WinCC Runtime Professional V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 5", }, ], }, { product: "SIMATIC WinCC Runtime Professional V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 2", }, ], }, { product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.4 SP1 Update 14", }, ], }, { product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.5 SP1 Update 3", }, ], }, { product: "SINAMICS STARTER", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.4 HF2", }, ], }, { product: "SINAMICS Startdrive", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V16 Update 3", }, ], }, { product: "SINEC NMS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0 SP2", }, ], }, { product: "SINEMA Server", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP3", }, ], }, { product: "SINUMERIK ONE virtual", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V6.14", }, ], }, { product: "SINUMERIK Operate", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V6.14", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-428", description: "CWE-428: Unquoted Search Path or Element", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T00:00:00", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf", }, { url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-7580", datePublished: "2020-06-10T00:00:00", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-08-04T09:33:19.492Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-31893 (GCVE-0-2021-31893)
Vulnerability from cvelistv5
Published
2021-07-13 11:02
Modified
2024-08-03 23:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PCS 7 V8.2 and earlier |
Version: All versions |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:10:30.646Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC PCS 7 V8.2 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 SP3", }, ], }, { product: "SIMATIC PDM", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.2", }, ], }, { product: "SIMATIC STEP 7 V5.X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.6 SP2 HF3", }, ], }, { product: "SINAMICS STARTER (containing STEP 7 OEM version)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.4 HF2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-13T11:02:56", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2021-31893", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC PCS 7 V8.2 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V9.0", version: { version_data: [ { version_value: "All versions < V9.0 SP3", }, ], }, }, { product_name: "SIMATIC PDM", version: { version_data: [ { version_value: "All versions < V9.2", }, ], }, }, { product_name: "SIMATIC STEP 7 V5.X", version: { version_data: [ { version_value: "All versions < V5.6 SP2 HF3", }, ], }, }, { product_name: "SINAMICS STARTER (containing STEP 7 OEM version)", version: { version_data: [ { version_value: "All versions < V5.4 HF2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-31893", datePublished: "2021-07-13T11:02:56", dateReserved: "2021-04-29T00:00:00", dateUpdated: "2024-08-03T23:10:30.646Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-46141 (GCVE-0-2022-46141)
Vulnerability from cvelistv5
Published
2023-12-12 11:25
Modified
2024-11-25 21:17
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19). An information disclosure vulnerability could allow a local attacker to gain access to the access level password of the SIMATIC S7-1200 and S7-1500 CPUs, when entered by a legitimate user in the hardware configuration of the affected application.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | SIMATIC STEP 7 (TIA Portal) |
Version: All versions < V19 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:24:03.267Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-887801.pdf", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-46141", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-25T21:17:05.789021Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-25T21:17:26.263Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC STEP 7 (TIA Portal)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V19", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19). An information disclosure vulnerability could allow a local attacker to gain access to the access level password of the SIMATIC S7-1200 and S7-1500 CPUs, when entered by a legitimate user in the hardware configuration of the affected application.", }, ], metrics: [ { cvssV3_1: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-316", description: "CWE-316: Cleartext Storage of Sensitive Information in Memory", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-12T11:25:26.583Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-887801.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-46141", datePublished: "2023-12-12T11:25:26.583Z", dateReserved: "2022-11-28T16:50:58.483Z", dateUpdated: "2024-11-25T21:17:26.263Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-1601 (GCVE-0-2015-1601)
Vulnerability from cvelistv5
Published
2015-04-06 01:00
Modified
2024-08-06 04:47
Severity ?
EPSS score ?
Summary
Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 allows man-in-the-middle attackers to obtain sensitive information or modify transmitted data via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/72691 | vdb-entry, x_refsource_BID | |
| http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-315836.pdf | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:47:17.322Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "72691", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/72691", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-315836.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-02-17T00:00:00", descriptions: [ { lang: "en", value: "Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 allows man-in-the-middle attackers to obtain sensitive information or modify transmitted data via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-10T14:06:07", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "72691", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/72691", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-315836.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-1601", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 allows man-in-the-middle attackers to obtain sensitive information or modify transmitted data via unspecified vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "72691", refsource: "BID", url: "http://www.securityfocus.com/bid/72691", }, { name: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-315836.pdf", refsource: "CONFIRM", url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-315836.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-1601", datePublished: "2015-04-06T01:00:00", dateReserved: "2015-02-13T00:00:00", dateUpdated: "2024-08-06T04:47:17.322Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-1594 (GCVE-0-2015-1594)
Vulnerability from cvelistv5
Published
2015-03-07 02:00
Modified
2024-08-06 04:47
Severity ?
EPSS score ?
Summary
Untrusted search path vulnerability in Siemens SIMATIC ProSave before 13 SP1; SIMATIC CFC before 8.0 SP4 Upd9 and 8.1 before Upd1; SIMATIC STEP 7 before 5.5 SP1 HF2, 5.5 SP2 before HF7, 5.5 SP3, and 5.5 SP4 before HF4; SIMOTION Scout before 4.4; and STARTER before 4.4 HF3 allows local users to gain privileges via a Trojan horse application file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-451236.pdf | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1032039 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:47:16.903Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-451236.pdf", }, { name: "1032039", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032039", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-03-05T00:00:00", descriptions: [ { lang: "en", value: "Untrusted search path vulnerability in Siemens SIMATIC ProSave before 13 SP1; SIMATIC CFC before 8.0 SP4 Upd9 and 8.1 before Upd1; SIMATIC STEP 7 before 5.5 SP1 HF2, 5.5 SP2 before HF7, 5.5 SP3, and 5.5 SP4 before HF4; SIMOTION Scout before 4.4; and STARTER before 4.4 HF3 allows local users to gain privileges via a Trojan horse application file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2015-04-16T17:57:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-451236.pdf", }, { name: "1032039", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032039", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-1594", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Untrusted search path vulnerability in Siemens SIMATIC ProSave before 13 SP1; SIMATIC CFC before 8.0 SP4 Upd9 and 8.1 before Upd1; SIMATIC STEP 7 before 5.5 SP1 HF2, 5.5 SP2 before HF7, 5.5 SP3, and 5.5 SP4 before HF4; SIMOTION Scout before 4.4; and STARTER before 4.4 HF3 allows local users to gain privileges via a Trojan horse application file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-451236.pdf", refsource: "CONFIRM", url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-451236.pdf", }, { name: "1032039", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032039", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-1594", datePublished: "2015-03-07T02:00:00", dateReserved: "2015-02-13T00:00:00", dateUpdated: "2024-08-06T04:47:16.903Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7588 (GCVE-0-2020-7588)
Vulnerability from cvelistv5
Published
2020-07-14 13:18
Modified
2024-08-04 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Opcenter Execution Discrete |
Version: All versions < V3.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:33:19.850Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Opcenter Execution Discrete", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2", }, ], }, { product: "Opcenter Execution Foundation", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2", }, ], }, { product: "Opcenter Execution Process", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2", }, ], }, { product: "Opcenter Intelligence", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { product: "Opcenter Quality", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V11.3", }, ], }, { product: "Opcenter RD&L", vendor: "Siemens", versions: [ { status: "affected", version: "V8.0", }, ], }, { product: "SIMATIC IT LMS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.6", }, ], }, { product: "SIMATIC IT Production Suite", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V8.0", }, ], }, { product: "SIMATIC Notifier Server for Windows", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS neo", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0 SP1", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 5", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 2", }, ], }, { product: "SIMOCODE ES V15.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 4", }, ], }, { product: "SIMOCODE ES V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 1", }, ], }, { product: "Soft Starter ES V15.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 3", }, ], }, { product: "Soft Starter ES V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 1", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20: Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-10T11:16:56", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2020-7588", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Opcenter Execution Discrete", version: { version_data: [ { version_value: "All versions < V3.2", }, ], }, }, { product_name: "Opcenter Execution Foundation", version: { version_data: [ { version_value: "All versions < V3.2", }, ], }, }, { product_name: "Opcenter Execution Process", version: { version_data: [ { version_value: "All versions < V3.2", }, ], }, }, { product_name: "Opcenter Intelligence", version: { version_data: [ { version_value: "All versions < V3.3", }, ], }, }, { product_name: "Opcenter Quality", version: { version_data: [ { version_value: "All versions < V11.3", }, ], }, }, { product_name: "Opcenter RD&L", version: { version_data: [ { version_value: "V8.0", }, ], }, }, { product_name: "SIMATIC IT LMS", version: { version_data: [ { version_value: "All versions < V2.6", }, ], }, }, { product_name: "SIMATIC IT Production Suite", version: { version_data: [ { version_value: "All versions < V8.0", }, ], }, }, { product_name: "SIMATIC Notifier Server for Windows", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS neo", version: { version_data: [ { version_value: "All versions < V3.0 SP1", }, ], }, }, { product_name: "SIMATIC STEP 7 (TIA Portal) V15", version: { version_data: [ { version_value: "All versions < V15.1 Update 5", }, ], }, }, { product_name: "SIMATIC STEP 7 (TIA Portal) V16", version: { version_data: [ { version_value: "All versions < V16 Update 2", }, ], }, }, { product_name: "SIMOCODE ES V15.1", version: { version_data: [ { version_value: "All versions < V15.1 Update 4", }, ], }, }, { product_name: "SIMOCODE ES V16", version: { version_data: [ { version_value: "All versions < V16 Update 1", }, ], }, }, { product_name: "Soft Starter ES V15.1", version: { version_data: [ { version_value: "All versions < V15.1 Update 3", }, ], }, }, { product_name: "Soft Starter ES V16", version: { version_data: [ { version_value: "All versions < V16 Update 1", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20: Improper Input Validation", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-7588", datePublished: "2020-07-14T13:18:05", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-08-04T09:33:19.850Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7581 (GCVE-0-2020-7581)
Vulnerability from cvelistv5
Published
2020-07-14 13:18
Modified
2024-08-04 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). A component within the affected application calls a helper binary with SYSTEM privileges during startup while the call path is not quoted. This could allow a local attacker with administrative privileges to execute code with SYSTEM level privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Opcenter Execution Discrete |
Version: All versions < V3.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:33:19.617Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Opcenter Execution Discrete", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2", }, ], }, { product: "Opcenter Execution Foundation", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2", }, ], }, { product: "Opcenter Execution Process", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2", }, ], }, { product: "Opcenter Intelligence", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { product: "Opcenter Quality", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V11.3", }, ], }, { product: "Opcenter RD&L", vendor: "Siemens", versions: [ { status: "affected", version: "V8.0", }, ], }, { product: "SIMATIC Notifier Server for Windows", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS neo", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0 SP1", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 5", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 2", }, ], }, { product: "SIMOCODE ES V15.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 4", }, ], }, { product: "SIMOCODE ES V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 1", }, ], }, { product: "Soft Starter ES V15.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 3", }, ], }, { product: "Soft Starter ES V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 1", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). A component within the affected application calls a helper binary with SYSTEM privileges during startup while the call path is not quoted. This could allow a local attacker with administrative privileges to execute code with SYSTEM level privileges.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-428", description: "CWE-428: Unquoted Search Path or Element", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-10T11:16:47", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2020-7581", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Opcenter Execution Discrete", version: { version_data: [ { version_value: "All versions < V3.2", }, ], }, }, { product_name: "Opcenter Execution Foundation", version: { version_data: [ { version_value: "All versions < V3.2", }, ], }, }, { product_name: "Opcenter Execution Process", version: { version_data: [ { version_value: "All versions < V3.2", }, ], }, }, { product_name: "Opcenter Intelligence", version: { version_data: [ { version_value: "All versions < V3.3", }, ], }, }, { product_name: "Opcenter Quality", version: { version_data: [ { version_value: "All versions < V11.3", }, ], }, }, { product_name: "Opcenter RD&L", version: { version_data: [ { version_value: "V8.0", }, ], }, }, { product_name: "SIMATIC Notifier Server for Windows", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS neo", version: { version_data: [ { version_value: "All versions < V3.0 SP1", }, ], }, }, { product_name: "SIMATIC STEP 7 (TIA Portal) V15", version: { version_data: [ { version_value: "All versions < V15.1 Update 5", }, ], }, }, { product_name: "SIMATIC STEP 7 (TIA Portal) V16", version: { version_data: [ { version_value: "All versions < V16 Update 2", }, ], }, }, { product_name: "SIMOCODE ES V15.1", version: { version_data: [ { version_value: "All versions < V15.1 Update 4", }, ], }, }, { product_name: "SIMOCODE ES V16", version: { version_data: [ { version_value: "All versions < V16 Update 1", }, ], }, }, { product_name: "Soft Starter ES V15.1", version: { version_data: [ { version_value: "All versions < V15.1 Update 3", }, ], }, }, { product_name: "Soft Starter ES V16", version: { version_data: [ { version_value: "All versions < V16 Update 1", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). A component within the affected application calls a helper binary with SYSTEM privileges during startup while the call path is not quoted. This could allow a local attacker with administrative privileges to execute code with SYSTEM level privileges.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-428: Unquoted Search Path or Element", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-7581", datePublished: "2020-07-14T13:18:05", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-08-04T09:33:19.617Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7586 (GCVE-0-2020-7586)
Vulnerability from cvelistv5
Published
2020-06-10 16:23
Modified
2024-08-04 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf | x_refsource_MISC | |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-05 | x_refsource_MISC | |
| https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PCS 7 V8.2 and earlier |
Version: All versions |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:33:19.798Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC PCS 7 V8.2 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 SP3", }, ], }, { product: "SIMATIC PDM", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.2", }, ], }, { product: "SIMATIC STEP 7 V5.X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.6 SP2 HF3", }, ], }, { product: "SINAMICS STARTER (containing STEP 7 OEM version)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.4 HF2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "CWE-122: Heap-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-22T20:42:20", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2020-7586", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC PCS 7 V8.2 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V9.0", version: { version_data: [ { version_value: "All versions < V9.0 SP3", }, ], }, }, { product_name: "SIMATIC PDM", version: { version_data: [ { version_value: "All versions < V9.2", }, ], }, }, { product_name: "SIMATIC STEP 7 V5.X", version: { version_data: [ { version_value: "All versions < V5.6 SP2 HF3", }, ], }, }, { product_name: "SINAMICS STARTER (containing STEP 7 OEM version)", version: { version_data: [ { version_value: "All versions < V5.4 HF2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-122: Heap-based Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { name: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", refsource: "MISC", url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, { name: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", refsource: "CONFIRM", url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-7586", datePublished: "2020-06-10T16:23:52", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-08-04T09:33:19.798Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-1355 (GCVE-0-2015-1355)
Vulnerability from cvelistv5
Published
2015-02-18 02:00
Modified
2024-08-06 04:40
Severity ?
EPSS score ?
Summary
Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 uses a weak password-hash algorithm, which makes it easier for local users to determine cleartext passwords by reading a project file and conducting a brute-force attack.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-234789.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:40:18.859Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-234789.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-02-13T00:00:00", descriptions: [ { lang: "en", value: "Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 uses a weak password-hash algorithm, which makes it easier for local users to determine cleartext passwords by reading a project file and conducting a brute-force attack.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2015-02-18T02:57:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-234789.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-1355", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 uses a weak password-hash algorithm, which makes it easier for local users to determine cleartext passwords by reading a project file and conducting a brute-force attack.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-234789.pdf", refsource: "CONFIRM", url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-234789.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-1355", datePublished: "2015-02-18T02:00:00", dateReserved: "2015-01-26T00:00:00", dateUpdated: "2024-08-06T04:40:18.859Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7587 (GCVE-0-2020-7587)
Vulnerability from cvelistv5
Published
2020-07-14 13:18
Modified
2024-08-04 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending multiple specially crafted packets to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Opcenter Execution Discrete |
Version: All versions < V3.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:33:19.877Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Opcenter Execution Discrete", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2", }, ], }, { product: "Opcenter Execution Foundation", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2", }, ], }, { product: "Opcenter Execution Process", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2", }, ], }, { product: "Opcenter Intelligence", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { product: "Opcenter Quality", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V11.3", }, ], }, { product: "Opcenter RD&L", vendor: "Siemens", versions: [ { status: "affected", version: "V8.0", }, ], }, { product: "SIMATIC IT LMS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.6", }, ], }, { product: "SIMATIC IT Production Suite", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V8.0", }, ], }, { product: "SIMATIC Notifier Server for Windows", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS neo", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0 SP1", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 5", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 2", }, ], }, { product: "SIMOCODE ES V15.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 4", }, ], }, { product: "SIMOCODE ES V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 1", }, ], }, { product: "Soft Starter ES V15.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 3", }, ], }, { product: "Soft Starter ES V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 1", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending multiple specially crafted packets to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400: Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-10T11:16:51", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2020-7587", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Opcenter Execution Discrete", version: { version_data: [ { version_value: "All versions < V3.2", }, ], }, }, { product_name: "Opcenter Execution Foundation", version: { version_data: [ { version_value: "All versions < V3.2", }, ], }, }, { product_name: "Opcenter Execution Process", version: { version_data: [ { version_value: "All versions < V3.2", }, ], }, }, { product_name: "Opcenter Intelligence", version: { version_data: [ { version_value: "All versions < V3.3", }, ], }, }, { product_name: "Opcenter Quality", version: { version_data: [ { version_value: "All versions < V11.3", }, ], }, }, { product_name: "Opcenter RD&L", version: { version_data: [ { version_value: "V8.0", }, ], }, }, { product_name: "SIMATIC IT LMS", version: { version_data: [ { version_value: "All versions < V2.6", }, ], }, }, { product_name: "SIMATIC IT Production Suite", version: { version_data: [ { version_value: "All versions < V8.0", }, ], }, }, { product_name: "SIMATIC Notifier Server for Windows", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS neo", version: { version_data: [ { version_value: "All versions < V3.0 SP1", }, ], }, }, { product_name: "SIMATIC STEP 7 (TIA Portal) V15", version: { version_data: [ { version_value: "All versions < V15.1 Update 5", }, ], }, }, { product_name: "SIMATIC STEP 7 (TIA Portal) V16", version: { version_data: [ { version_value: "All versions < V16 Update 2", }, ], }, }, { product_name: "SIMOCODE ES V15.1", version: { version_data: [ { version_value: "All versions < V15.1 Update 4", }, ], }, }, { product_name: "SIMOCODE ES V16", version: { version_data: [ { version_value: "All versions < V16 Update 1", }, ], }, }, { product_name: "Soft Starter ES V15.1", version: { version_data: [ { version_value: "All versions < V15.1 Update 3", }, ], }, }, { product_name: "Soft Starter ES V16", version: { version_data: [ { version_value: "All versions < V16 Update 1", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending multiple specially crafted packets to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-400: Uncontrolled Resource Consumption", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-7587", datePublished: "2020-07-14T13:18:05", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-08-04T09:33:19.877Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-1602 (GCVE-0-2015-1602)
Vulnerability from cvelistv5
Published
2015-04-06 01:00
Modified
2024-08-06 04:47
Severity ?
EPSS score ?
Summary
Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 improperly stores password data within project files, which makes it easier for local users to determine cleartext (1) protection-level passwords or (2) web-server passwords by leveraging the ability to read these files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-315836.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:47:17.344Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-315836.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-02-17T00:00:00", descriptions: [ { lang: "en", value: "Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 improperly stores password data within project files, which makes it easier for local users to determine cleartext (1) protection-level passwords or (2) web-server passwords by leveraging the ability to read these files.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2015-04-06T01:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-315836.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-1602", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 improperly stores password data within project files, which makes it easier for local users to determine cleartext (1) protection-level passwords or (2) web-server passwords by leveraging the ability to read these files.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-315836.pdf", refsource: "CONFIRM", url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-315836.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-1602", datePublished: "2015-04-06T01:00:00", dateReserved: "2015-02-13T00:00:00", dateUpdated: "2024-08-06T04:47:17.344Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2015-1356 (GCVE-0-2015-1356)
Vulnerability from cvelistv5
Published
2015-02-18 02:00
Modified
2024-08-06 04:40
Severity ?
EPSS score ?
Summary
Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 determines a user's privileges on the basis of project-file fields that lack integrity protection, which allows remote attackers to establish arbitrary authorization data via a modified file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-234789.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:40:18.571Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-234789.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-02-13T00:00:00", descriptions: [ { lang: "en", value: "Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 determines a user's privileges on the basis of project-file fields that lack integrity protection, which allows remote attackers to establish arbitrary authorization data via a modified file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2015-02-18T02:57:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-234789.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-1356", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 determines a user's privileges on the basis of project-file fields that lack integrity protection, which allows remote attackers to establish arbitrary authorization data via a modified file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-234789.pdf", refsource: "CONFIRM", url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-234789.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-1356", datePublished: "2015-02-18T02:00:00", dateReserved: "2015-01-26T00:00:00", dateUpdated: "2024-08-06T04:40:18.571Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-31894 (GCVE-0-2021-31894)
Vulnerability from cvelistv5
Published
2021-07-13 11:02
Modified
2024-08-03 23:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). A directory containing metafiles relevant to devices' configurations has write permissions. An attacker could leverage this vulnerability by changing the content of certain metafiles and subsequently manipulate parameters or behavior of devices that would be later configured by the affected software.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PCS 7 V8.2 and earlier |
Version: All versions |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:10:30.952Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC PCS 7 V8.2 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V9.X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.1 SP2", }, ], }, { product: "SIMATIC PDM", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.2 SP2", }, ], }, { product: "SIMATIC STEP 7 V5.X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.7", }, ], }, { product: "SINAMICS STARTER (containing STEP 7 OEM version)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.4 SP2 HF1", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). A directory containing metafiles relevant to devices' configurations has write permissions. An attacker could leverage this vulnerability by changing the content of certain metafiles and subsequently manipulate parameters or behavior of devices that would be later configured by the affected software.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-732", description: "CWE-732: Incorrect Permission Assignment for Critical Resource", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-10T11:17:00", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2021-31894", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC PCS 7 V8.2 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V9.X", version: { version_data: [ { version_value: "All versions < V9.1 SP2", }, ], }, }, { product_name: "SIMATIC PDM", version: { version_data: [ { version_value: "All versions < V9.2 SP2", }, ], }, }, { product_name: "SIMATIC STEP 7 V5.X", version: { version_data: [ { version_value: "All versions < V5.7", }, ], }, }, { product_name: "SINAMICS STARTER (containing STEP 7 OEM version)", version: { version_data: [ { version_value: "All versions < V5.4 SP2 HF1", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). A directory containing metafiles relevant to devices' configurations has write permissions. An attacker could leverage this vulnerability by changing the content of certain metafiles and subsequently manipulate parameters or behavior of devices that would be later configured by the affected software.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-732: Incorrect Permission Assignment for Critical Resource", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-31894", datePublished: "2021-07-13T11:02:58", dateReserved: "2021-04-29T00:00:00", dateUpdated: "2024-08-03T23:10:30.952Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-7959 (GCVE-0-2016-7959)
Vulnerability from cvelistv5
Published
2016-10-13 10:00
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Siemens SIMATIC STEP 7 (TIA Portal) before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack.
References
| ▼ | URL | Tags |
|---|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/93551 | vdb-entry, x_refsource_BID | |
| http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T02:13:21.506Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03", }, { name: "93551", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93551", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-10-12T00:00:00", descriptions: [ { lang: "en", value: "Siemens SIMATIC STEP 7 (TIA Portal) before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-20T21:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03", }, { name: "93551", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93551", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-7959", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Siemens SIMATIC STEP 7 (TIA Portal) before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03", refsource: "MISC", url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03", }, { name: "93551", refsource: "BID", url: "http://www.securityfocus.com/bid/93551", }, { name: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf", refsource: "CONFIRM", url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-7959", datePublished: "2016-10-13T10:00:00", dateReserved: "2016-09-09T00:00:00", dateUpdated: "2024-08-06T02:13:21.506Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7585 (GCVE-0-2020-7585)
Vulnerability from cvelistv5
Published
2020-06-10 16:23
Modified
2024-08-04 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf | x_refsource_MISC | |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-05 | x_refsource_MISC | |
| https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PCS 7 V8.2 and earlier |
Version: All versions |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:33:19.945Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC PCS 7 V8.2 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 SP3", }, ], }, { product: "SIMATIC PDM", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.2", }, ], }, { product: "SIMATIC STEP 7 V5.X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.6 SP2 HF3", }, ], }, { product: "SINAMICS STARTER (containing STEP 7 OEM version)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.4 HF2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-427", description: "CWE-427: Uncontrolled Search Path Element", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-22T20:42:20", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2020-7585", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC PCS 7 V8.2 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V9.0", version: { version_data: [ { version_value: "All versions < V9.0 SP3", }, ], }, }, { product_name: "SIMATIC PDM", version: { version_data: [ { version_value: "All versions < V9.2", }, ], }, }, { product_name: "SIMATIC STEP 7 V5.X", version: { version_data: [ { version_value: "All versions < V5.6 SP2 HF3", }, ], }, }, { product_name: "SINAMICS STARTER (containing STEP 7 OEM version)", version: { version_data: [ { version_value: "All versions < V5.4 HF2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-427: Uncontrolled Search Path Element", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { name: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", refsource: "MISC", url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, { name: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", refsource: "CONFIRM", url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-7585", datePublished: "2020-06-10T16:23:39", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-08-04T09:33:19.945Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-7165 (GCVE-0-2016-7165)
Vulnerability from cvelistv5
Published
2016-11-15 19:00
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path ("C:\Program Files\*" or the localized equivalent).
References
| ▼ | URL | Tags |
|---|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02 | x_refsource_MISC | |
| http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html | x_refsource_MISC | |
| http://www.securityfocus.com/bid/94158 | vdb-entry, x_refsource_BID | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:50:47.526Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html", }, { name: "94158", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/94158", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-11-07T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path (\"C:\\Program Files\\*\" or the localized equivalent).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-14T20:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02", }, { tags: [ "x_refsource_MISC", ], url: "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html", }, { name: "94158", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/94158", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-7165", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path (\"C:\\Program Files\\*\" or the localized equivalent).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02", refsource: "MISC", url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02", }, { name: "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html", refsource: "MISC", url: "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html", }, { name: "94158", refsource: "BID", url: "http://www.securityfocus.com/bid/94158", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-7165", datePublished: "2016-11-15T19:00:00", dateReserved: "2016-09-08T00:00:00", dateUpdated: "2024-08-06T01:50:47.526Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2023-25910 (GCVE-0-2023-25910)
Vulnerability from cvelistv5
Published
2023-06-13 08:17
Modified
2024-08-02 11:32
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions < V5.7 SP1 HF1), SIMATIC S7-PM (All versions < V5.7 SP2 HF1), SIMATIC STEP 7 V5 (All versions < V5.7). The affected product contains a database management system that could allow remote users with low privileges to use embedded functions of the database (local or in a network share) that have impact on the server.
An attacker with network access to the server network could leverage these embedded functions to run code with elevated privileges in the database management system's server.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PCS 7 |
Version: 0 < V9.1 SP2 UC04 |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T11:32:12.730Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-968170.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-968170.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC PCS 7", vendor: "Siemens", versions: [ { lessThan: "V9.1 SP2 UC04", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-PM", vendor: "Siemens", versions: [ { lessThan: "V5.7 SP1 HF1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC S7-PM", vendor: "Siemens", versions: [ { lessThan: "V5.7 SP2 HF1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC STEP 7 V5", vendor: "Siemens", versions: [ { lessThan: "V5.7", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions < V5.7 SP1 HF1), SIMATIC S7-PM (All versions < V5.7 SP2 HF1), SIMATIC STEP 7 V5 (All versions < V5.7). The affected product contains a database management system that could allow remote users with low privileges to use embedded functions of the database (local or in a network share) that have impact on the server.\r\n\r\nAn attacker with network access to the server network could leverage these embedded functions to run code with elevated privileges in the database management system's server.", }, ], metrics: [ { cvssV3_1: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:T/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-94", description: "CWE-94: Improper Control of Generation of Code ('Code Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-15T07:23:34.211Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-968170.pdf", }, { url: "https://cert-portal.siemens.com/productcert/html/ssa-968170.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-25910", datePublished: "2023-06-13T08:17:04.612Z", dateReserved: "2023-02-16T11:12:33.500Z", dateUpdated: "2024-08-02T11:32:12.730Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-7960 (GCVE-0-2016-7960)
Vulnerability from cvelistv5
Published
2016-10-13 10:00
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/93551 | vdb-entry, x_refsource_BID | |
| http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T02:13:21.400Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03", }, { name: "93551", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93551", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-10-12T00:00:00", descriptions: [ { lang: "en", value: "Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-20T21:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03", }, { name: "93551", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93551", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-7960", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03", refsource: "MISC", url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03", }, { name: "93551", refsource: "BID", url: "http://www.securityfocus.com/bid/93551", }, { name: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf", refsource: "CONFIRM", url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-7960", datePublished: "2016-10-13T10:00:00", dateReserved: "2016-09-09T00:00:00", dateUpdated: "2024-08-06T02:13:21.400Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-42029 (GCVE-0-2021-42029)
Vulnerability from cvelistv5
Published
2022-04-12 09:07
Modified
2024-08-04 03:22
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 5), SIMATIC STEP 7 (TIA Portal) V17 (All versions < V17 Update 2). An attacker could achieve privilege escalation on the web server of certain devices due to improper access control vulnerability in the engineering system software. The attacker needs to have direct access to the impacted web server.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-350757.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC STEP 7 (TIA Portal) V15 |
Version: All versions |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:22:25.804Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-350757.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC STEP 7 (TIA Portal) V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 5", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V17", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V17 Update 2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 5), SIMATIC STEP 7 (TIA Portal) V17 (All versions < V17 Update 2). An attacker could achieve privilege escalation on the web server of certain devices due to improper access control vulnerability in the engineering system software. The attacker needs to have direct access to the impacted web server.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284: Improper Access Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:07:30", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-350757.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2021-42029", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC STEP 7 (TIA Portal) V15", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC STEP 7 (TIA Portal) V16", version: { version_data: [ { version_value: "All versions < V16 Update 5", }, ], }, }, { product_name: "SIMATIC STEP 7 (TIA Portal) V17", version: { version_data: [ { version_value: "All versions < V17 Update 2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 5), SIMATIC STEP 7 (TIA Portal) V17 (All versions < V17 Update 2). An attacker could achieve privilege escalation on the web server of certain devices due to improper access control vulnerability in the engineering system software. The attacker needs to have direct access to the impacted web server.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284: Improper Access Control", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-350757.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-350757.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-42029", datePublished: "2022-04-12T09:07:30", dateReserved: "2021-10-06T00:00:00", dateUpdated: "2024-08-04T03:22:25.804Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-10929 (GCVE-0-2019-10929)
Vulnerability from cvelistv5
Published
2019-08-13 18:55
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC STEP 7 (TIA Portal) (All versions < V16), SIMATIC WinCC (TIA Portal) (All versions < V16), SIMATIC WinCC OA (All versions < V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions < V16), SIMATIC WinCC Runtime Professional (All versions < V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions < V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf | x_refsource_MISC | |
| https://www.us-cert.gov/ics/advisories/icsa-19-344-04 | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:40:15.230Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.us-cert.gov/ics/advisories/icsa-19-344-04", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC CP 1626", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V20.8", }, ], }, { product: "SIMATIC HMI Panel (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC NET PC Software V14", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP1 Update 14", }, ], }, { product: "SIMATIC NET PC Software V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4.0", }, ], }, { product: "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.1", }, ], }, { product: "SIMATIC S7-1500 Software Controller", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V20.8", }, ], }, { product: "SIMATIC S7-PLCSIM Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16", }, ], }, { product: "SIMATIC WinCC (TIA Portal)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16", }, ], }, { product: "SIMATIC WinCC OA", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.16 P013", }, ], }, { product: "SIMATIC WinCC Runtime Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16", }, ], }, { product: "SIMATIC WinCC Runtime Professional", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16", }, ], }, { product: "TIM 1531 IRC (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC STEP 7 (TIA Portal) (All versions < V16), SIMATIC WinCC (TIA Portal) (All versions < V16), SIMATIC WinCC OA (All versions < V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions < V16), SIMATIC WinCC Runtime Professional (All versions < V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions < V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-327", description: "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-10T11:16:07", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://www.us-cert.gov/ics/advisories/icsa-19-344-04", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2019-10929", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC CP 1626", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", version: { version_data: [ { version_value: "All versions < V20.8", }, ], }, }, { product_name: "SIMATIC HMI Panel (incl. SIPLUS variants)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC NET PC Software V14", version: { version_data: [ { version_value: "All versions < V14 SP1 Update 14", }, ], }, }, { product_name: "SIMATIC NET PC Software V15", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", version: { version_data: [ { version_value: "All versions < V4.4.0", }, ], }, }, { product_name: "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", version: { version_data: [ { version_value: "All versions < V2.8.1", }, ], }, }, { product_name: "SIMATIC S7-1500 Software Controller", version: { version_data: [ { version_value: "All versions < V20.8", }, ], }, }, { product_name: "SIMATIC S7-PLCSIM Advanced", version: { version_data: [ { version_value: "All versions < V3.0", }, ], }, }, { product_name: "SIMATIC STEP 7 (TIA Portal)", version: { version_data: [ { version_value: "All versions < V16", }, ], }, }, { product_name: "SIMATIC WinCC (TIA Portal)", version: { version_data: [ { version_value: "All versions < V16", }, ], }, }, { product_name: "SIMATIC WinCC OA", version: { version_data: [ { version_value: "All versions < V3.16 P013", }, ], }, }, { product_name: "SIMATIC WinCC Runtime Advanced", version: { version_data: [ { version_value: "All versions < V16", }, ], }, }, { product_name: "SIMATIC WinCC Runtime Professional", version: { version_data: [ { version_value: "All versions < V16", }, ], }, }, { product_name: "TIM 1531 IRC (incl. SIPLUS NET variants)", version: { version_data: [ { version_value: "All versions < V2.1", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC STEP 7 (TIA Portal) (All versions < V16), SIMATIC WinCC (TIA Portal) (All versions < V16), SIMATIC WinCC OA (All versions < V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions < V16), SIMATIC WinCC Runtime Professional (All versions < V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions < V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf", }, { name: "https://www.us-cert.gov/ics/advisories/icsa-19-344-04", refsource: "MISC", url: "https://www.us-cert.gov/ics/advisories/icsa-19-344-04", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2019-10929", datePublished: "2019-08-13T18:55:57", dateReserved: "2019-04-08T00:00:00", dateUpdated: "2024-08-04T22:40:15.230Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2012-3015 (GCVE-0-2012-3015)
Vulnerability from cvelistv5
Published
2012-07-26 10:00
Modified
2024-09-16 19:31
Severity ?
EPSS score ?
Summary
Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.us-cert.gov/control_systems/pdf/ICSA-12-205-02.pdf | x_refsource_MISC | |
| http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-110665.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T19:50:05.483Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.us-cert.gov/control_systems/pdf/ICSA-12-205-02.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-110665.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2012-07-26T10:00:00Z", orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", shortName: "icscert", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://www.us-cert.gov/control_systems/pdf/ICSA-12-205-02.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-110665.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "ics-cert@hq.dhs.gov", ID: "CVE-2012-3015", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.us-cert.gov/control_systems/pdf/ICSA-12-205-02.pdf", refsource: "MISC", url: "http://www.us-cert.gov/control_systems/pdf/ICSA-12-205-02.pdf", }, { name: "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-110665.pdf", refsource: "CONFIRM", url: "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-110665.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", assignerShortName: "icscert", cveId: "CVE-2012-3015", datePublished: "2012-07-26T10:00:00Z", dateReserved: "2012-05-30T00:00:00Z", dateUpdated: "2024-09-16T19:31:37.262Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2020-06-10 17:15
Modified
2024-11-21 05:37
Severity ?
Summary
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf | Vendor Advisory | |
| productcert@siemens.com | https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_automatic_tool | * | |
| siemens | simatic_net_pc | * | |
| siemens | simatic_net_pc | 16 | |
| siemens | simatic_net_pc | 16 | |
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_pcs_neo | * | |
| siemens | simatic_prosave | * | |
| siemens | simatic_s7-1500_software_controller | * | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc_open_architecture | 3.16 | |
| siemens | simatic_wincc_open_architecture | 3.17 | |
| siemens | simatic_wincc_runtime_advanced | * | |
| siemens | simatic_wincc_runtime_professional | * | |
| siemens | sinamics_startdrive | * | |
| siemens | sinamics_starter_commissioning_tool | * | |
| siemens | sinec_network_management_system | * | |
| siemens | sinema_server | * | |
| siemens | sinumerik_one_virtual | * | |
| siemens | sinumerik_operate | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_automatic_tool:*:*:*:*:*:*:*:*", matchCriteriaId: "A659B687-1038-42F5-B8AC-A394E41D22A8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc:*:*:*:*:*:*:*:*", matchCriteriaId: "744B5953-511F-42CA-80A0-DBE36A6AA144", versionEndExcluding: "16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*", matchCriteriaId: "496E3C43-5DA8-4983-8AC6-0F32454E22F3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc:16:update1:*:*:*:*:*:*", matchCriteriaId: "17BCC3CD-61D0-416D-A241-D35AF8EE5BF8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "13E3BDF0-B691-4A97-A74A-A65EC910480E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*", matchCriteriaId: "D61D4B81-7F51-49BE-83DD-D2C28D23B0EA", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_prosave:*:*:*:*:*:*:*:*", matchCriteriaId: "CB7752CF-D754-4A78-999B-45FE379E03DE", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_s7-1500_software_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "658E1A3F-29D6-48D2-BCCE-0BCC41AC49F6", versionEndExcluding: "21.8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "CAF09D6E-3375-4731-B16D-30B7592EA5FB", versionEndExcluding: "5.6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "1A3CA33C-AFAB-418F-870F-0236B8E55943", versionEndIncluding: "16", versionStartIncluding: "13", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:-:*:*:*:*:*:*", matchCriteriaId: "851F8474-4568-487D-98FB-47DF7EAEAC3B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:sp1:*:*:*:*:*:*", matchCriteriaId: "81EADA2F-884C-4D72-8489-71025B3EBAEE", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:sp2:*:*:*:*:*:*", matchCriteriaId: "78366D2F-B728-47F6-B539-5FB2D1B0419D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:sp2_hotfix1:*:*:*:*:*:*", matchCriteriaId: "06A86DA0-BC1F-4306-B02E-ED2FA36BE273", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "3F39B396-140B-4005-9A61-F984C9FAF742", versionEndExcluding: "7.4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*", matchCriteriaId: "3B0BD5DE-C6EF-4B89-831B-DA34DB0D68F6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*", matchCriteriaId: "2637C346-8AAF-481F-AFB0-BAD4254D14F4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update1:*:*:*:*:*:*", matchCriteriaId: "BF8404AB-579E-4C6B-BCA7-E95F2CE24F7D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update10:*:*:*:*:*:*", matchCriteriaId: "88F6B3BF-727F-432E-89D8-37FB7C76FE2B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update11:*:*:*:*:*:*", matchCriteriaId: "62EB588C-CBB4-4B17-9BB5-B14B1FC6BB21", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update12:*:*:*:*:*:*", matchCriteriaId: "AF3F613C-6707-4517-B4B8-530C912B79E6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update13:*:*:*:*:*:*", matchCriteriaId: "590F62CE-9245-4AC9-9FBC-35136E217B0E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update2:*:*:*:*:*:*", matchCriteriaId: "241D5A28-FB22-4C5B-A067-733168E847BF", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update3:*:*:*:*:*:*", matchCriteriaId: "A5418F92-84A9-439C-B86C-ED5820697603", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update4:*:*:*:*:*:*", matchCriteriaId: "40631FBD-116B-4589-B77A-6C5A69990F73", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update5:*:*:*:*:*:*", matchCriteriaId: "64B14972-6163-4D44-A9C6-16328E02AC69", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update6:*:*:*:*:*:*", matchCriteriaId: "8929E926-740F-4F17-B52C-4C73914B1818", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update7:*:*:*:*:*:*", matchCriteriaId: "D4F72666-D10A-4EB2-80D3-18B04C101256", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update8:*:*:*:*:*:*", matchCriteriaId: "0E343221-1E1A-4EE7-80AE-AB24E2244BA0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update9:*:*:*:*:*:*", matchCriteriaId: "1BF716D7-0A77-400F-9B43-64FBE3E65735", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:-:*:*:*:*:*:*", matchCriteriaId: "E79DA14E-419C-49BA-8E4F-2907E1D8937F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:*:*:*:*:*:*", matchCriteriaId: "81F9C13C-065C-4E40-BB46-687D791348A9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update1:*:*:*:*:*:*", matchCriteriaId: "5CF06E69-0A23-418D-B0EC-574DACBB4DD9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update2:*:*:*:*:*:*", matchCriteriaId: "9164EAC1-C416-4F1F-A910-CE84A167A6D1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_open_architecture:3.16:*:*:*:*:*:*:*", matchCriteriaId: "4B9ED7EF-EF58-400F-92C9-3D52D8E39783", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_open_architecture:3.17:*:*:*:*:*:*:*", matchCriteriaId: "1C3F9210-7A1E-4B10-B384-119FD5733A86", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*", matchCriteriaId: "79EE15DC-74D3-4551-AAD0-EA0CB600DA76", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:*", matchCriteriaId: "3C9253AD-BD82-4BB2-84AD-EB1892B60358", versionEndIncluding: "16", versionStartIncluding: "13", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinamics_startdrive:*:*:*:*:*:*:*:*", matchCriteriaId: "C11DB09A-74E1-45EF-A162-9C1E91F54C04", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinamics_starter_commissioning_tool:*:*:*:*:*:*:*:*", matchCriteriaId: "1976CDDA-F2AF-4C47-804E-2C1DF44FBF41", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_network_management_system:*:*:*:*:*:*:*:*", matchCriteriaId: "52F7076E-12F7-4F62-9804-18598C39D3FF", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_server:*:*:*:*:*:*:*:*", matchCriteriaId: "C55DA617-6333-40DA-AB7D-EE49A453E143", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinumerik_one_virtual:*:*:*:*:*:*:*:*", matchCriteriaId: "A607E4B7-2F58-4F68-91EB-16874986E92F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinumerik_operate:*:*:*:*:*:*:*:*", matchCriteriaId: "BAFC5C25-EC3C-4EB6-B5B2-478AE9CEF10F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC Automation Tool (Todas las versiones anteriores a la versión V4 SP2), SIMATIC NET PC Software V14 (Todas las versiones anteriores a la versión V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones), SIMATIC NET PC Software V16 (Todas las versiones anteriores a la versión V16 Upd3), SIMATIC PCS neo (Todas las versiones anteriores a la versión V3.0 SP1), SIMATIC ProSave (Todas las versiones anteriores a la versión V17), SIMATIC S7-1500 Software Controller (Todas las versiones anteriores a la versión V21. 8), SIMATIC STEP 7 (Todas las versiones anteriores a la versión V5.6 SP2 HF3), SIMATIC STEP 7 (TIA Portal) V13 (Todas las versiones anteriores a la versión V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (Todas las versiones anteriores a la versión V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (Todas las versiones anteriores a la versión V15. 1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (Todas las versiones anteriores a la versión V16 Update 2), SIMATIC WinCC OA V3.16 (Todas las versiones anteriores a la versión V3.16 P018), SIMATIC WinCC OA V3. 17 (Todas las versiones anteriores a la versión V3.17 P003), SIMATIC WinCC Runtime Advanced (Todas las versiones anteriores a la versión V16 Update 2), SIMATIC WinCC Runtime Professional V13 (Todas las versiones anteriores a la versión V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (Todas las versiones anteriores a la versión V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (Todas las versiones anteriores a la versión V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (Todas las versiones anteriores a la versión V16 Update 2), SIMATIC WinCC V7. 4 (Todas las versiones anteriores a la versión V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (Todas las versiones anteriores a la versión V7.5 SP1 Update 3), SINAMICS STARTER (Todas las versiones anteriores a la versión V5.4 HF2), SINAMICS Startdrive (Todas las versiones anteriores a la versión V16 Update 3), SINEC NMS (Todas las versiones anteriores a la versión V1. 0 SP2), SINEMA Server (Todas las versiones anteriores a la versión V14 SP3), SINUMERIK ONE virtual (Todas las versiones anteriores a la versión V6.14), SINUMERIK Operate (Todas las versiones anteriores a la versión V6.14). Un componente dentro de la aplicación afectada llama regularmente a un binario de ayuda con privilegios de SISTEMA mientras la ruta de llamada no está citada", }, ], id: "CVE-2020-7580", lastModified: "2024-11-21T05:37:24.840", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-10T17:15:12.347", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf", }, { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-428", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-428", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-14 14:15
Modified
2024-11-21 05:37
Severity ?
Summary
A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | opcenter_execution_discrete | * | |
| siemens | opcenter_execution_foundation | * | |
| siemens | opcenter_execution_process | * | |
| siemens | opcenter_intelligence | * | |
| siemens | opcenter_quality | * | |
| siemens | opcenter_rd\&l | 8.0 | |
| siemens | simatic_it_lms | * | |
| siemens | simatic_it_production_suite | * | |
| siemens | simatic_notifier_server | * | |
| siemens | simatic_pcs_neo | * | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7 | 16 | |
| siemens | simatic_step_7 | 16 | |
| siemens | simocode_es | * | |
| siemens | soft_starter_es | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:opcenter_execution_discrete:*:*:*:*:*:*:*:*", matchCriteriaId: "F33BF89C-F36E-4C8F-ABB9-579E2022DDA6", versionEndExcluding: "3.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:opcenter_execution_foundation:*:*:*:*:*:*:*:*", matchCriteriaId: "1DCE5E06-B75F-4D21-96CC-70DD373B1811", versionEndExcluding: "3.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:opcenter_execution_process:*:*:*:*:*:*:*:*", matchCriteriaId: "C4DD5C57-5877-495C-A01E-747E5DCED9F7", versionEndExcluding: "3.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*", matchCriteriaId: "FA9BAFAE-C26A-4435-80C1-508F0A3EF768", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:opcenter_quality:*:*:*:*:*:*:*:*", matchCriteriaId: "9DB2F53B-817C-41F3-9B52-85DE702ACCE5", versionEndExcluding: "11.3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:opcenter_rd\\&l:8.0:*:*:*:*:*:*:*", matchCriteriaId: "EE037602-C9E8-45D5-9A44-3B73052F478E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_it_lms:*:*:*:*:*:*:*:*", matchCriteriaId: "524AE90C-821A-4864-B3B2-33C083B536CB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_it_production_suite:*:*:*:*:*:*:*:*", matchCriteriaId: "E6324685-60ED-44CC-BAEA-3BEEBE681AC5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_notifier_server:*:*:*:*:*:windows:*:*", matchCriteriaId: "DE74021F-CE57-42CC-8093-E1B0352410FA", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*", matchCriteriaId: "D61D4B81-7F51-49BE-83DD-D2C28D23B0EA", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "2190AEE1-7EEA-48A9-B6C7-FF4B3A26008E", versionEndIncluding: "15.1", versionStartIncluding: "15", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:16:-:*:*:*:*:*:*", matchCriteriaId: "66CB66B9-176E-4FA3-BC67-E7C5972A307C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:16:update_1:*:*:*:*:*:*", matchCriteriaId: "4E011D6F-CC5F-4278-80AB-D568730AA041", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simocode_es:*:*:*:*:*:*:*:*", matchCriteriaId: "CE934FDC-666F-4D9D-9C03-2896875F0A0D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:soft_starter_es:*:*:*:*:*:*:*:*", matchCriteriaId: "FA57190F-97BA-4D1D-BC73-F37162B775F9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en Opcenter Execution Discrete (Todas las versiones anteriores a V3.2), Opcenter Execution Foundation (Todas las versiones anteriores a V3.2), Opcenter Execution Process (Todas las versiones anteriores a V3.2), Opcenter Intelligence (Todas las versiones anteriores a V3.3), Opcenter Quality (Todas las versiones anteriores a V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (Todas las versiones anteriores a V2.6), SIMATIC IT Production Suite (Todas las versiones anteriores a V8. 0), SIMATIC Notifier Server for Windows (Todas las versiones), SIMATIC PCS neo (Todas las versiones anteriores a V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (Todas las versiones anteriores a V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (Todas las versiones anteriores a V16 Update 2), SIMOCODE ES V15. 1 (Todas las versiones anteriores a V15.1 Update 4), SIMOCODE ES V16 (Todas las versiones anteriores a V16 Update 1), Soft Starter ES V15.1 (Todas las versiones anteriores a V15.1 Update 3), Soft Starter ES V16 (Todas las versiones anteriores a V16 Update 1). El envío de un paquete especialmente diseñado al servicio afectado podría causar una denegación de servicio remota parcial, que haría que el servicio se reiniciara", }, ], id: "CVE-2020-7588", lastModified: "2024-11-21T05:37:25.660", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-14T14:15:18.993", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2016-10-13 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/93551 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf | Vendor Advisory | |
| cve@mitre.org | https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03 | Mitigation, Patch, Third Party Advisory, US Government Resource, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93551 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03 | Mitigation, Patch, Third Party Advisory, US Government Resource, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_step_7 | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "86CBA385-0DE2-457E-906E-23526D8DD986", versionEndIncluding: "13.010", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors.", }, { lang: "es", value: "Siemens SIMATIC STEP 7 (TIA Portal) en versiones anteriores a 14 utiliza un formato indebido para la gestión de archivos de proyectos TIA durante las actualizaciones de versión, lo que hace que sea más fácil para usuarios locales obtener información de configuración sensible a través de vectores no especificados.", }, ], id: "CVE-2016-7960", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 2.5, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 1, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-10-13T10:59:01.817", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93551", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf", }, { source: "cve@mitre.org", tags: [ "Mitigation", "Patch", "Third Party Advisory", "US Government Resource", "VDB Entry", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93551", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Third Party Advisory", "US Government Resource", "VDB Entry", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-04-06 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 improperly stores password data within project files, which makes it easier for local users to determine cleartext (1) protection-level passwords or (2) web-server passwords by leveraging the ability to read these files.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-315836.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-315836.pdf | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7 | 12.0 | |
| siemens | simatic_step_7 | 13.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:sp1:*:*:*:*:*:*", matchCriteriaId: "F51DA6BD-D218-4264-9471-F39618003D29", versionEndIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:12.0:*:*:*:*:*:*:*", matchCriteriaId: "69307B0A-FF11-4D59-AEF2-CABB9CC1916E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:13.0:*:*:*:*:*:*:*", matchCriteriaId: "B280E356-9CC6-4A65-BFF7-9A2A057822F1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 improperly stores password data within project files, which makes it easier for local users to determine cleartext (1) protection-level passwords or (2) web-server passwords by leveraging the ability to read these files.", }, { lang: "es", value: "Siemens SIMATIC STEP 7 (TIA Portal) 12 y 13 anterior a 13 SP1 Upd1 almacena incorrectamente los datos de contraseñas dentro de ficheros de proyectos, lo que facilita a usuarios locales determinar (1) contraseñas del nivel de protección en texto claro o (2) contraseñas del servidor web en texto claro mediante el aprovechamiento de la habilidad de leer estos ficheros.", }, ], id: "CVE-2015-1602", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-04-06T01:59:03.090", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-315836.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-315836.pdf", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-14 14:15
Modified
2024-11-21 05:37
Severity ?
Summary
A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending multiple specially crafted packets to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | opcenter_execution_discrete | * | |
| siemens | opcenter_execution_foundation | * | |
| siemens | opcenter_execution_process | * | |
| siemens | opcenter_intelligence | * | |
| siemens | opcenter_quality | * | |
| siemens | opcenter_rd\&l | 8.0 | |
| siemens | simatic_it_lms | * | |
| siemens | simatic_it_production_suite | * | |
| siemens | simatic_notifier_server | * | |
| siemens | simatic_pcs_neo | * | |
| siemens | simatic_pcs_neo | 3.0 | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7 | 15.1 | |
| siemens | simatic_step_7 | 16 | |
| siemens | simatic_step_7 | 16 | |
| siemens | simocode_es | * | |
| siemens | simocode_es | 15.1 | |
| siemens | simocode_es | 16 | |
| siemens | soft_starter_es | * | |
| siemens | soft_starter_es | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:opcenter_execution_discrete:*:*:*:*:*:*:*:*", matchCriteriaId: "F33BF89C-F36E-4C8F-ABB9-579E2022DDA6", versionEndExcluding: "3.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:opcenter_execution_foundation:*:*:*:*:*:*:*:*", matchCriteriaId: "1DCE5E06-B75F-4D21-96CC-70DD373B1811", versionEndExcluding: "3.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:opcenter_execution_process:*:*:*:*:*:*:*:*", matchCriteriaId: "C4DD5C57-5877-495C-A01E-747E5DCED9F7", versionEndExcluding: "3.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*", matchCriteriaId: "E927136F-3870-47AD-BE56-C83FBD7BB7E9", versionEndExcluding: "3.3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:opcenter_quality:*:*:*:*:*:*:*:*", matchCriteriaId: "9DB2F53B-817C-41F3-9B52-85DE702ACCE5", versionEndExcluding: "11.3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:opcenter_rd\\&l:8.0:*:*:*:*:*:*:*", matchCriteriaId: "EE037602-C9E8-45D5-9A44-3B73052F478E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_it_lms:*:*:*:*:*:*:*:*", matchCriteriaId: "0F8E56A4-77DB-4938-93E5-2CA22222FD6A", versionEndExcluding: "2.6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_it_production_suite:*:*:*:*:*:*:*:*", matchCriteriaId: "218D5A8B-FC2D-440C-B853-35E93A025A6E", versionEndExcluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_notifier_server:*:*:*:*:*:windows:*:*", matchCriteriaId: "DE74021F-CE57-42CC-8093-E1B0352410FA", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*", matchCriteriaId: "32A732D2-5E9E-4C8B-93C1-2E0BEBA7B327", versionEndExcluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_neo:3.0:-:*:*:*:*:*:*", matchCriteriaId: "B275D75A-1869-4660-A1FF-837A9C0F874B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "6729BE2B-6729-4041-BC8C-2AD039467B9A", versionEndExcluding: "15.1", versionStartIncluding: "15", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:15.1:-:*:*:*:*:*:*", matchCriteriaId: "C470C8EF-BBF5-4940-944E-2460BA6D8A27", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:16:-:*:*:*:*:*:*", matchCriteriaId: "66CB66B9-176E-4FA3-BC67-E7C5972A307C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:16:update1:*:*:*:*:*:*", matchCriteriaId: "EF2D6947-576B-4CA7-B4E4-F0B428FA5ABB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simocode_es:*:*:*:*:*:*:*:*", matchCriteriaId: "098E9BE1-D698-4DE5-96C1-DF0B3806C935", versionEndExcluding: "15.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simocode_es:15.1:-:*:*:*:*:*:*", matchCriteriaId: "8DA3C5DB-8D27-4CDD-AA93-ABE1EE021CAF", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simocode_es:16:-:*:*:*:*:*:*", matchCriteriaId: "8829878A-34E1-44D5-B4BC-12CF67CB58C2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:soft_starter_es:*:*:*:*:*:*:*:*", matchCriteriaId: "D1E0C95F-8201-4F04-99A6-62B9684BF35F", versionEndExcluding: "15.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:soft_starter_es:15.1:-:*:*:*:*:*:*", matchCriteriaId: "7039A3C6-5DE3-4980-8A2F-A05928561673", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending multiple specially crafted packets to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en Opcenter Execution Discrete (Todas las versiones anteriores a V3.2), Opcenter Execution Foundation (Todas las versiones anteriores a V3.2), Opcenter Execution Process (Todas las versiones anteriores a V3.2), Opcenter Intelligence (Todas las versiones anteriores a V3.3), Opcenter Quality (Todas las versiones anteriores a V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (Todas las versiones anteriores a V2.6), SIMATIC IT Production Suite (Todas las versiones anteriores a V8. 0), SIMATIC Notifier Server for Windows (Todas las versiones), SIMATIC PCS neo (Todas las versiones anteriores a V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (Todas las versiones anteriores a V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (Todas las versiones anteriores a V16 Update 2), SIMOCODE ES V15. 1 (Todas las versiones anteriores a V15.1 Update 4), SIMOCODE ES V16 (Todas las versiones anteriores a V16 Update 1), Soft Starter ES V15.1 (Todas las versiones anteriores a V15.1 Update 3), Soft Starter ES V16 (Todas las versiones anteriores a V16 Update 1). El envío de múltiples paquetes especialmente diseñados al servicio afectado podría causar una denegación de servicio remota parcial, que haría que el servicio se reiniciara. En algunos casos la vulnerabilidad podría filtrar información aleatoria del servicio remoto", }, ], id: "CVE-2020-7587", lastModified: "2024-11-21T05:37:25.533", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-14T14:15:18.930", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2015-02-18 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 determines a user's privileges on the basis of project-file fields that lack integrity protection, which allows remote attackers to establish arbitrary authorization data via a modified file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_step_7 | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "1E429A7F-72D9-4491-9946-3D41E285FA88", versionEndIncluding: "13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 determines a user's privileges on the basis of project-file fields that lack integrity protection, which allows remote attackers to establish arbitrary authorization data via a modified file.", }, { lang: "es", value: "Siemens SIMATIC STEP 7 (TIA Portal) anterior a 13 SP1 determina los privilegios de un usuario basándose en campos de ficheros de proyectos que no tienen la protección de integridad, lo que permite a atacantes remotos establecer una autorización arbitraria a través de un fichero modificado.", }, ], id: "CVE-2015-1356", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-02-18T02:59:06.703", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-234789.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-234789.pdf", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-10 17:15
Modified
2024-11-21 05:37
Severity ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf | Vendor Advisory | |
| productcert@siemens.com | https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05 | ||
| productcert@siemens.com | https://www.us-cert.gov/ics/advisories/icsa-20-161-05 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-161-05 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_process_device_manager | * | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | sinamics_starter | * | |
| siemens | sinamics_starter | 5.4 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "13E3BDF0-B691-4A97-A74A-A65EC910480E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_process_device_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "50C02E17-87F5-47DB-B4F3-EFC44B0DFC88", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "CAF09D6E-3375-4731-B16D-30B7592EA5FB", versionEndExcluding: "5.6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:-:*:*:*:*:*:*", matchCriteriaId: "851F8474-4568-487D-98FB-47DF7EAEAC3B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:sp1:*:*:*:*:*:*", matchCriteriaId: "81EADA2F-884C-4D72-8489-71025B3EBAEE", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:sp2:*:*:*:*:*:*", matchCriteriaId: "78366D2F-B728-47F6-B539-5FB2D1B0419D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:sp2_hotfix1:*:*:*:*:*:*", matchCriteriaId: "06A86DA0-BC1F-4306-B02E-ED2FA36BE273", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinamics_starter:*:*:*:*:*:*:*:*", matchCriteriaId: "23020179-5112-48A8-BA76-EB6C073867BF", versionEndExcluding: "5.4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinamics_starter:5.4:-:*:*:*:*:*:*", matchCriteriaId: "E04348B3-6DAC-49E2-A612-FE0A3166776B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 V8.2 y anteriores (Todas las versiones), SIMATIC PCS 7 V9.0 (Todas las versiones anteriores a V9.0 SP3), SIMATIC PDM (Todas las versiones anteriores a V9.2), SIMATIC STEP 7 V5.X (Todas las versiones anteriores a V5.6 SP2 HF3), SINAMICS STARTER (que contiene la versión OEM de STEP 7) (Todas las versiones anteriores a V5.4 HF2). Una vulnerabilidad de Secuestro de DLL podría permitir a un atacante local ejecutar código con privilegios elevados. La vulnerabilidad de seguridad podría ser explotada por parte de un atacante con acceso local a los sistemas afectados. Una explotación con éxito requiere privilegios de usuario pero no interacción del usuario. La vulnerabilidad podría permitir a un atacante comprometer la disponibilidad del sistema, así como tener acceso a información confidencial", }, ], id: "CVE-2020-7585", lastModified: "2024-11-21T05:37:25.310", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-10T17:15:12.457", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { source: "productcert@siemens.com", url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-427", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-427", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-12 12:15
Modified
2024-11-21 07:30
Severity ?
4.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19). An information disclosure vulnerability could allow a local attacker to gain access to the access level password of the SIMATIC S7-1200 and S7-1500 CPUs, when entered by a legitimate user in the hardware configuration of the affected application.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_step_7 | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "F77226E4-F3B3-4D3B-B944-17CED48BD73A", versionEndExcluding: "19", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19). An information disclosure vulnerability could allow a local attacker to gain access to the access level password of the SIMATIC S7-1200 and S7-1500 CPUs, when entered by a legitimate user in the hardware configuration of the affected application.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC STEP 7 (TIA Portal) (todas las versiones < V19). Una vulnerabilidad de divulgación de información podría permitir a un atacante local obtener acceso a la contraseña de nivel de acceso de las CPU SIMATIC S7-1200 y S7-1500, cuando la ingresa un usuario legítimo en la configuración de hardware de la aplicación afectada.", }, ], id: "CVE-2022-46141", lastModified: "2024-11-21T07:30:10.817", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.6, impactScore: 3.6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-12T12:15:10.003", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-887801.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-887801.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-316", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-312", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-10-13 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Siemens SIMATIC STEP 7 (TIA Portal) before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/93551 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf | Vendor Advisory | |
| cve@mitre.org | https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93551 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_step_7 | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "86CBA385-0DE2-457E-906E-23526D8DD986", versionEndIncluding: "13.010", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Siemens SIMATIC STEP 7 (TIA Portal) before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack.", }, { lang: "es", value: "Siemens SIMATIC STEP 7 (TIA Portal) en versiones anteriores a 14 almacena indebidamente los datos clave pre-compartidos en archivos de proyecto TIA, lo que hace más que sea más fácil para usuarios locales obtener información sensible aprovechando el acceso a un archivo y llevando a cabo un ataque de fuerza bruta.", }, ], id: "CVE-2016-7959", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 1, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-10-13T10:59:00.143", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93551", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf", }, { source: "cve@mitre.org", url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93551", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-254", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-07-13 11:15
Modified
2024-11-21 06:06
Severity ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). A directory containing metafiles relevant to devices' configurations has write permissions. An attacker could leverage this vulnerability by changing the content of certain metafiles and subsequently manipulate parameters or behavior of devices that would be later configured by the affected software.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7_firmware | * | |
| siemens | simatic_pcs_7_firmware | 9.0 | |
| siemens | simatic_pcs_7 | - | |
| siemens | simatic_pdm_firmware | - | |
| siemens | simatic_pdm | - | |
| siemens | simatic_step_7_firmware | * | |
| siemens | simatic_step_7 | - | |
| siemens | sinamics_starter_firmware | * | |
| siemens | sinamics_starter_firmware | 5.4 | |
| siemens | sinamics_starter_firmware | 5.4 | |
| siemens | sinamics_starter_firmware | 5.4 | |
| siemens | sinamics_starter_firmware | 5.4 | |
| siemens | sinamics_starter_firmware | 5.4 | |
| siemens | sinamics_starter_firmware | 5.4 | |
| siemens | sinamics_starter | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_pcs_7_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "943D8B33-182B-4E6F-9318-D7AEC1CB09C5", versionEndIncluding: "8.2", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_pcs_7_firmware:9.0:*:*:*:*:*:*:*", matchCriteriaId: "EF59BB59-530E-41D7-8D5B-090C0FDBDDB1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_pcs_7:-:*:*:*:*:*:*:*", matchCriteriaId: "5EEFB170-B4B0-4A0E-8828-9491446033A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_pdm_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "311060D9-5691-4C4C-9CB6-14F25CBA4DB0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_pdm:-:*:*:*:*:*:*:*", matchCriteriaId: "E092B735-42D5-48D5-947B-288C0FA2E180", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_step_7_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2CE4FB98-0276-4573-BAD7-04CE7F7E025E", versionEndExcluding: "5.7", versionStartIncluding: "5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_step_7:-:*:*:*:*:*:*:*", matchCriteriaId: "FB1FE00B-0613-4819-8D50-A5A0B6A190D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ACF25F6B-8DC4-4835-AE2F-2E03D3FA4C8C", versionEndExcluding: "5.4", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:-:*:*:*:*:*:*", matchCriteriaId: "4D01AB88-A23C-4105-9D5C-DEAA8C2AAFE9", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:hf1:*:*:*:*:*:*", matchCriteriaId: "F5953F96-3995-4974-9D73-EA32BF4DE53B", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:hf2:*:*:*:*:*:*", matchCriteriaId: "D8793ACD-F4C9-4954-856A-ECB57A2BE990", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:sp1:*:*:*:*:*:*", matchCriteriaId: "FABF5C1B-F79B-4CB4-9340-A0D61EF151A9", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:sp1_hf1:*:*:*:*:*:*", matchCriteriaId: "104FAEB7-9C81-49B2-8F06-7E5FDA87BD98", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:sp2:*:*:*:*:*:*", matchCriteriaId: "5973C248-327A-44C4-B913-1327270E64D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_starter:-:*:*:*:*:*:*:*", matchCriteriaId: "C3E8B354-CB0D-40F1-BC2B-C2355974C2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). A directory containing metafiles relevant to devices' configurations has write permissions. An attacker could leverage this vulnerability by changing the content of certain metafiles and subsequently manipulate parameters or behavior of devices that would be later configured by the affected software.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 V8.2 y anteriores (Todas las versiones), SIMATIC PCS 7 V9.X (Todas las versiones anteriores a V9.1 SP2), SIMATIC PDM (Todas las versiones anteriores a V9.2 SP2), SIMATIC STEP 7 V5.X (Todas las versiones anteriores a V5.7), SINAMICS STARTER (que contiene la versión OEM de STEP 7) (Todas las versiones anteriores a V5.4 SP2 HF1). Un directorio que contiene metafichas relevantes para las configuraciones de los dispositivos tiene permisos de escritura. Un atacante podría aprovechar esta vulnerabilidad cambiando el contenido de ciertos metaficheros y posteriormente manipular los parámetros o el comportamiento de los dispositivos que posteriormente serían configurados por el software afectado", }, ], id: "CVE-2021-31894", lastModified: "2024-11-21T06:06:27.113", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-07-13T11:15:09.603", references: [ { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-732", }, ], source: "productcert@siemens.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-12 09:15
Modified
2024-11-21 06:27
Severity ?
Summary
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 5), SIMATIC STEP 7 (TIA Portal) V17 (All versions < V17 Update 2). An attacker could achieve privilege escalation on the web server of certain devices due to improper access control vulnerability in the engineering system software. The attacker needs to have direct access to the impacted web server.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-350757.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-350757.pdf | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7 | 16 | |
| siemens | simatic_step_7 | 16 | |
| siemens | simatic_step_7 | 16 | |
| siemens | simatic_step_7 | 16 | |
| siemens | simatic_step_7 | 16 | |
| siemens | simatic_step_7 | 17 | |
| siemens | simatic_step_7 | 17 | |
| siemens | simatic_s7-1200_cpu | - | |
| siemens | simatic_s7-1200_cpu_1211c | - | |
| siemens | simatic_s7-1200_cpu_1212c | - | |
| siemens | simatic_s7-1200_cpu_1212fc | - | |
| siemens | simatic_s7-1200_cpu_1214_fc | - | |
| siemens | simatic_s7-1200_cpu_1214c | - | |
| siemens | simatic_s7-1200_cpu_1214fc | - | |
| siemens | simatic_s7-1200_cpu_1215_fc | - | |
| siemens | simatic_s7-1200_cpu_1215c | - | |
| siemens | simatic_s7-1200_cpu_1215fc | - | |
| siemens | simatic_s7-1200_cpu_1217c | - | |
| siemens | simatic_s7-1500_cpu | - | |
| siemens | simatic_s7-1500_cpu_1507s | - | |
| siemens | simatic_s7-1500_cpu_1507s_f | - | |
| siemens | simatic_s7-1500_cpu_1508s | - | |
| siemens | simatic_s7-1500_cpu_1508s_f | - | |
| siemens | simatic_s7-1500_cpu_1510sp | - | |
| siemens | simatic_s7-1500_cpu_1510sp-1 | - | |
| siemens | simatic_s7-1500_cpu_1511-1 | - | |
| siemens | simatic_s7-1500_cpu_1511-1_pn | - | |
| siemens | simatic_s7-1500_cpu_1511c | - | |
| siemens | simatic_s7-1500_cpu_1511c-1 | - | |
| siemens | simatic_s7-1500_cpu_1511f-1 | - | |
| siemens | simatic_s7-1500_cpu_1511f-1_pn | - | |
| siemens | simatic_s7-1500_cpu_1511t-1 | - | |
| siemens | simatic_s7-1500_cpu_1511tf-1 | - | |
| siemens | simatic_s7-1500_cpu_1512c | - | |
| siemens | simatic_s7-1500_cpu_1512c-1 | - | |
| siemens | simatic_s7-1500_cpu_1512sp-1 | - | |
| siemens | simatic_s7-1500_cpu_1512spf-1 | - | |
| siemens | simatic_s7-1500_cpu_1513-1 | - | |
| siemens | simatic_s7-1500_cpu_1513-1_pn | - | |
| siemens | simatic_s7-1500_cpu_1513f-1 | - | |
| siemens | simatic_s7-1500_cpu_1513f-1_pn | - | |
| siemens | simatic_s7-1500_cpu_1513r-1 | - | |
| siemens | simatic_s7-1500_cpu_1515-2 | - | |
| siemens | simatic_s7-1500_cpu_1515-2_pn | - | |
| siemens | simatic_s7-1500_cpu_1515f-2 | - | |
| siemens | simatic_s7-1500_cpu_1515f-2_pn | - | |
| siemens | simatic_s7-1500_cpu_1515r-2 | - | |
| siemens | simatic_s7-1500_cpu_1515t-2 | - | |
| siemens | simatic_s7-1500_cpu_1515tf-2 | - | |
| siemens | simatic_s7-1500_cpu_1516-3 | - | |
| siemens | simatic_s7-1500_cpu_1516-3_dp | - | |
| siemens | simatic_s7-1500_cpu_1516-3_pn | - | |
| siemens | simatic_s7-1500_cpu_1516-3_pn\/dp | - | |
| siemens | simatic_s7-1500_cpu_1516f-3 | - | |
| siemens | simatic_s7-1500_cpu_1516f-3_pn\/dp | - | |
| siemens | simatic_s7-1500_cpu_1516pro-2 | - | |
| siemens | simatic_s7-1500_cpu_1516pro_f | - | |
| siemens | simatic_s7-1500_cpu_1516t-3 | - | |
| siemens | simatic_s7-1500_cpu_1516tf-3 | - | |
| siemens | simatic_s7-1500_cpu_1517-3 | - | |
| siemens | simatic_s7-1500_cpu_1517-3_dp | - | |
| siemens | simatic_s7-1500_cpu_1517-3_pn | - | |
| siemens | simatic_s7-1500_cpu_1517-3_pn\/dp | - | |
| siemens | simatic_s7-1500_cpu_1517f-3 | - | |
| siemens | simatic_s7-1500_cpu_1517f-3_pn\/dp | - | |
| siemens | simatic_s7-1500_cpu_1517tf-3 | - | |
| siemens | simatic_s7-1500_cpu_1518 | - | |
| siemens | simatic_s7-1500_cpu_1518-4 | - | |
| siemens | simatic_s7-1500_cpu_1518-4_dp | - | |
| siemens | simatic_s7-1500_cpu_1518-4_pn | - | |
| siemens | simatic_s7-1500_cpu_1518-4_pn\/dp | - | |
| siemens | simatic_s7-1500_cpu_1518-4_pn\/dp_mfp | - | |
| siemens | simatic_s7-1500_cpu_1518f-4 | - | |
| siemens | simatic_s7-1500_cpu_1518f-4_pn\/dp | - | |
| siemens | simatic_s7-1500_cpu_1518hf-4 | - | |
| siemens | simatic_s7-1500_cpu_1518t-4 | - | |
| siemens | simatic_s7-1500_cpu_1518tf-4 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "BBCA2BFB-EEEB-4722-AC33-CBBFE92289BC", versionEndExcluding: "16", versionStartIncluding: "15", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:16:-:*:*:*:*:*:*", matchCriteriaId: "66CB66B9-176E-4FA3-BC67-E7C5972A307C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:16:update1:*:*:*:*:*:*", matchCriteriaId: "EF2D6947-576B-4CA7-B4E4-F0B428FA5ABB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:16:update2:*:*:*:*:*:*", matchCriteriaId: "70AA41B2-8C18-4436-8C77-E6391EB0D8C9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:16:update3:*:*:*:*:*:*", matchCriteriaId: "0AF2FE58-C7FC-4FD6-8026-E23AEAAA29CB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:16:update4:*:*:*:*:*:*", matchCriteriaId: "C22708F4-5386-4C7A-B11A-677B8DDC36A0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:17:-:*:*:*:*:*:*", matchCriteriaId: "211B89EA-80D2-441D-8CD6-693CCB1407F7", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:17:update1:*:*:*:*:*:*", matchCriteriaId: "7B23F0A5-8F54-407F-9DE1-30B10BAC6D85", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu:-:*:*:*:*:*:*:*", matchCriteriaId: "F2B63726-10CE-46AB-ADBA-A511E770E162", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1211c:-:*:*:*:*:*:*:*", matchCriteriaId: "3871C0C9-C65E-4E0B-9CA8-75E60066297F", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212c:-:*:*:*:*:*:*:*", matchCriteriaId: "07849777-92E7-41D2-9128-F8D20DE15391", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212fc:-:*:*:*:*:*:*:*", matchCriteriaId: "68B3573B-A31E-4489-B2DD-B01B5C1D03CB", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214_fc:-:*:*:*:*:*:*:*", matchCriteriaId: "B640800C-9263-4BEA-9DA5-1323932540BD", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214c:-:*:*:*:*:*:*:*", matchCriteriaId: "FE17584A-BF7A-48B8-A9CB-477663766C63", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214fc:-:*:*:*:*:*:*:*", matchCriteriaId: "EDE46D66-A6B6-4554-8642-7F3E7E3AA22D", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215_fc:-:*:*:*:*:*:*:*", matchCriteriaId: "76C7D55C-8D99-4E2F-A254-1BDE2B12A203", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215c:-:*:*:*:*:*:*:*", matchCriteriaId: "CC4698CF-F935-4707-BA91-7E3650C7956C", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215fc:-:*:*:*:*:*:*:*", matchCriteriaId: "4866FF7B-B34A-4828-94A8-BD0A0B6F4C88", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1217c:-:*:*:*:*:*:*:*", matchCriteriaId: "232279DE-CF1C-4A3C-886D-B4CE3F104F09", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu:-:*:*:*:*:*:*:*", matchCriteriaId: "01048F7F-9C5B-47C0-AE16-321FCA670F3D", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1507s:-:*:*:*:*:*:*:*", matchCriteriaId: "39C1392C-38E2-4AF9-AF17-91B93BC6B9B8", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1507s_f:-:*:*:*:*:*:*:*", matchCriteriaId: "F1ED29DF-8AC0-4BB6-ACE2-EBC0A2B87F96", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1508s:-:*:*:*:*:*:*:*", matchCriteriaId: "46CBD063-6CF0-45E6-A9D1-C7F8709806AA", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1508s_f:-:*:*:*:*:*:*:*", matchCriteriaId: "A2079B95-E885-4490-BCEA-62BBEAF9CB51", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1510sp:-:*:*:*:*:*:*:*", matchCriteriaId: "9D7ECCF7-E3EE-46A0-BC03-51AAEBCD03EE", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1510sp-1:-:*:*:*:*:*:*:*", matchCriteriaId: "38232B80-9EDE-4BE4-BD4C-0E84B18EC39A", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511-1:-:*:*:*:*:*:*:*", matchCriteriaId: "D8B9B76B-D790-44B9-AC2A-7E0719C4D56C", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511-1_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "F62F4050-F6C9-4C8F-8E09-F0AEEDB6B1FC", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511c:-:*:*:*:*:*:*:*", matchCriteriaId: "822894D4-96D5-4BDC-A698-D31262BCF422", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511c-1:-:*:*:*:*:*:*:*", matchCriteriaId: "3F580D0D-F406-4586-9C54-EF44703FDA30", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511f-1:-:*:*:*:*:*:*:*", matchCriteriaId: "A6B51EFC-2168-4B28-9527-A8DC62781709", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511f-1_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "3A3E8A67-2A29-4DE9-AF1B-D74A42D55D1E", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511t-1:-:*:*:*:*:*:*:*", matchCriteriaId: "DBA72709-BC38-425F-8EBD-FE16C5A86140", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511tf-1:-:*:*:*:*:*:*:*", matchCriteriaId: "6E76D7BD-0529-4A51-9866-8AF5241A5184", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1512c:-:*:*:*:*:*:*:*", matchCriteriaId: "D2E24A4C-AC13-4382-BDF6-E13878FED4DC", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1512c-1:-:*:*:*:*:*:*:*", matchCriteriaId: "D7933577-8564-4DE4-AAED-62F87E3C3353", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1512sp-1:-:*:*:*:*:*:*:*", matchCriteriaId: "A0E822C9-6983-4CC6-BC51-822563DF7BCE", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1512spf-1:-:*:*:*:*:*:*:*", matchCriteriaId: "77BD8110-76B4-4D5C-BFF7-E5F1D0EA9CD6", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513-1:-:*:*:*:*:*:*:*", matchCriteriaId: "2E7889F5-D499-41A6-B1BB-264F988884D8", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513-1_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "D6663D66-5127-4F5D-B39D-50D3F88F4435", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513f-1:-:*:*:*:*:*:*:*", matchCriteriaId: "F2962FF0-D865-4D15-B1A7-EFC0501972A6", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513f-1_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "69DE61DE-5B71-4F35-AC4F-C6EC24A7DDAA", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513r-1:-:*:*:*:*:*:*:*", matchCriteriaId: "7E2F34DF-3A55-49A4-9A9C-80C99B367079", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515-2:-:*:*:*:*:*:*:*", matchCriteriaId: "EB7605AF-2B00-49DD-BC32-37E6CF9ED625", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515-2_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "ABE9C79B-52A3-45F4-9DA5-6D61A6BF7753", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515f-2:-:*:*:*:*:*:*:*", matchCriteriaId: "21A4E04A-EB99-4AB2-9B30-C70DB11A6C8D", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515f-2_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "EDE82551-008D-4B75-BDB5-3DD30ADD1863", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515r-2:-:*:*:*:*:*:*:*", matchCriteriaId: "EA0AEBFA-682F-4F5D-8FAA-D517AE3B3D0C", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515t-2:-:*:*:*:*:*:*:*", matchCriteriaId: "D7BC3993-1CB0-4C1D-BC04-ED69BA814B24", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515tf-2:-:*:*:*:*:*:*:*", matchCriteriaId: "89839624-6FA1-4377-A3B4-9CB704555E2B", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516-3:-:*:*:*:*:*:*:*", matchCriteriaId: "B6D611B2-4D81-4838-B612-8D17196A5B78", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516-3_dp:-:*:*:*:*:*:*:*", matchCriteriaId: "B5FD1F20-E507-4422-814D-19614CDB49B7", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516-3_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "439E1B3E-7174-4BAC-A11A-F4F37ABB7291", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516-3_pn\\/dp:-:*:*:*:*:*:*:*", matchCriteriaId: "A5C12961-CCF4-4248-9E43-8866671A257A", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516f-3:-:*:*:*:*:*:*:*", matchCriteriaId: "44C84DC4-1E8C-431B-AF23-AA86CE316928", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516f-3_pn\\/dp:-:*:*:*:*:*:*:*", matchCriteriaId: "5787D689-D80C-47BC-A0C2-E45E0FAD49D9", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516pro-2:-:*:*:*:*:*:*:*", matchCriteriaId: "AD3A239E-41CB-4222-8146-745B15C206C3", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516pro_f:-:*:*:*:*:*:*:*", matchCriteriaId: "298EF297-949E-45E9-9A57-8D07986DED10", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516t-3:-:*:*:*:*:*:*:*", matchCriteriaId: "27653C38-64A3-4DE2-8B65-BBC356A396AE", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516tf-3:-:*:*:*:*:*:*:*", matchCriteriaId: "A66C6524-9076-4C4E-B518-586BB1FF7107", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517-3:-:*:*:*:*:*:*:*", matchCriteriaId: "C03BFBC2-E30D-4DAF-BDE0-06F97D1A0E92", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517-3_dp:-:*:*:*:*:*:*:*", matchCriteriaId: "ABE53C35-490A-498B-8CAB-B874C0E17AF1", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517-3_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "4C44E126-E4D9-44D8-B8B9-10F060D63A2B", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517-3_pn\\/dp:-:*:*:*:*:*:*:*", matchCriteriaId: "984F6E53-482D-4282-BBAA-87B0375310FA", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517f-3:-:*:*:*:*:*:*:*", matchCriteriaId: "3F4C4030-4BFE-4EA0-9967-F77EEB5113E0", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517f-3_pn\\/dp:-:*:*:*:*:*:*:*", matchCriteriaId: "DB2327DF-ADA4-453E-A35E-E986D822F1E7", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517tf-3:-:*:*:*:*:*:*:*", matchCriteriaId: "E1BD045A-0DC6-4D6F-A596-B24ECA84936B", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518:-:*:*:*:*:*:*:*", matchCriteriaId: "BE0BA68C-EB57-49CE-94A8-E7905AB79824", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4:-:*:*:*:*:*:*:*", matchCriteriaId: "836BC49A-F358-410D-A5CC-D62DAC7D624F", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_dp:-:*:*:*:*:*:*:*", matchCriteriaId: "6772D5F3-35EE-4C94-B6D5-31500F440CCF", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "4245AED2-3F58-40D0-BF8A-8E930E1730B7", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\\/dp:-:*:*:*:*:*:*:*", matchCriteriaId: "40F38253-92F5-4A3A-AA07-292F7542D8A6", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\\/dp_mfp:-:*:*:*:*:*:*:*", matchCriteriaId: "3BC4FA01-8DDB-41E4-B759-7B504F78AEBC", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518f-4:-:*:*:*:*:*:*:*", matchCriteriaId: "1F37885E-AC96-4043-892F-55AEFAFA675D", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518f-4_pn\\/dp:-:*:*:*:*:*:*:*", matchCriteriaId: "DB469732-E3C2-45BC-8F65-C1B6A676A974", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518hf-4:-:*:*:*:*:*:*:*", matchCriteriaId: "914D507E-5C6E-4BA7-B5EA-549A01E0C34D", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518t-4:-:*:*:*:*:*:*:*", matchCriteriaId: "7EF0A62F-8EC0-4EB8-821A-14B17D87DD8A", vulnerable: false, }, { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518tf-4:-:*:*:*:*:*:*:*", matchCriteriaId: "223AA9C0-89FA-459D-949F-FB9D3551C06F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 5), SIMATIC STEP 7 (TIA Portal) V17 (All versions < V17 Update 2). An attacker could achieve privilege escalation on the web server of certain devices due to improper access control vulnerability in the engineering system software. The attacker needs to have direct access to the impacted web server.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC STEP 7 (TIA Portal) versión V15 (Todas las versiones), SIMATIC STEP 7 (TIA Portal) versión V16 (todas las versiones anteriores a versión V16 Update 5), SIMATIC STEP 7 (TIA Portal) versión V17 (todas las versiones anteriores a versión V17 Update 2). Un atacante podría lograr una escalada de privilegios en el servidor web de determinados dispositivos debido a una vulnerabilidad de control de acceso inapropiada en el software del sistema de ingeniería. El atacante necesita tener acceso directo al servidor web afectado", }, ], id: "CVE-2021-42029", lastModified: "2024-11-21T06:27:06.913", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-12T09:15:13.817", references: [ { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-350757.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-350757.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-03-07 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
Untrusted search path vulnerability in Siemens SIMATIC ProSave before 13 SP1; SIMATIC CFC before 8.0 SP4 Upd9 and 8.1 before Upd1; SIMATIC STEP 7 before 5.5 SP1 HF2, 5.5 SP2 before HF7, 5.5 SP3, and 5.5 SP4 before HF4; SIMOTION Scout before 4.4; and STARTER before 4.4 HF3 allows local users to gain privileges via a Trojan horse application file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securitytracker.com/id/1032039 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-451236.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032039 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-451236.pdf | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | starter | * | |
| siemens | simatic_prosave | 13.0 | |
| siemens | simotion_scout | * | |
| siemens | simatic_cfc | * | |
| siemens | simatic_cfc | 8.1 | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7 | 5.5 | |
| siemens | simatic_step_7 | 5.5 | |
| siemens | simatic_step_7 | 5.5 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:starter:*:*:*:*:*:*:*:*", matchCriteriaId: "501269A6-E397-4D1D-9F70-269E6E283449", versionEndIncluding: "4.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_prosave:13.0:*:*:*:*:*:*:*", matchCriteriaId: "BC729DF0-989D-419B-9116-E5A4B8C3BA36", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simotion_scout:*:sp1:*:*:*:*:*:*", matchCriteriaId: "34604902-7B50-46C4-BD8B-A0DE87830C0B", versionEndIncluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_cfc:*:sp4:*:*:*:*:*:*", matchCriteriaId: "1673541E-F7D7-4D3A-B726-2A9652A40391", versionEndIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_cfc:8.1:*:*:*:*:*:*:*", matchCriteriaId: "AC9F34FA-9354-4B05-A27B-BE0BD64C3AE8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:sp1:*:*:*:*:*:*", matchCriteriaId: "57265D20-9AA4-47E9-BFE9-7DF015F2EAF8", versionEndIncluding: "5.5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.5:sp2:*:*:*:*:*:*", matchCriteriaId: "A3980E15-DB30-4CD8-B38C-734D56C2C076", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.5:sp3:*:*:*:*:*:*", matchCriteriaId: "747A5E70-8D94-43D3-83C3-F7E78301024A", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.5:sp4:*:*:*:*:*:*", matchCriteriaId: "26960308-B20D-414D-AB84-8C93C101E397", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Untrusted search path vulnerability in Siemens SIMATIC ProSave before 13 SP1; SIMATIC CFC before 8.0 SP4 Upd9 and 8.1 before Upd1; SIMATIC STEP 7 before 5.5 SP1 HF2, 5.5 SP2 before HF7, 5.5 SP3, and 5.5 SP4 before HF4; SIMOTION Scout before 4.4; and STARTER before 4.4 HF3 allows local users to gain privileges via a Trojan horse application file.", }, { lang: "es", value: "Vulnerabilidad de ruta de búsqueda no confiable en Siemens SIMATIC ProSave anterior a 13 SP1; SIMATIC CFC anterior a 8.0 SP4 Upd9 y 8.1 anterior a Upd1; SIMATIC STEP 7 anterior a 5.5 SP1 HF2, 5.5 SP2 anterior a HF7, 5.5 SP3, y 5.5 SP4 anterior a HF4; SIMOTION Scout anterior a 4.4; y STARTER anterior a 4.4 HF3 permite a usuarios locales ganar privilegios a través de un fichero de aplicaciones troyano.", }, ], evaluatorComment: "<a href=\"http://cwe.mitre.org/data/definitions/426.html\">CWE-426: Untrusted Search Path</a>", id: "CVE-2015-1594", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2015-03-07T02:59:03.803", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032039", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-451236.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1032039", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-451236.pdf", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 07:50
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions < V5.7 SP1 HF1), SIMATIC S7-PM (All versions < V5.7 SP2 HF1), SIMATIC STEP 7 V5 (All versions < V5.7). The affected product contains a database management system that could allow remote users with low privileges to use embedded functions of the database (local or in a network share) that have impact on the server.
An attacker with network access to the server network could leverage these embedded functions to run code with elevated privileges in the database management system's server.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-968170.html | ||
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-968170.pdf | Mitigation, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/html/ssa-968170.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-968170.pdf | Mitigation, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_s7-pm | * | |
| siemens | simatic_step_7 | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "13E3BDF0-B691-4A97-A74A-A65EC910480E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_s7-pm:*:*:*:*:*:*:*:*", matchCriteriaId: "BF831319-8E52-4A2A-9862-797DA0CB9952", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "482AD17F-916A-4DCC-8FAC-9D1716D04DD3", versionEndExcluding: "5.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions < V5.7 SP1 HF1), SIMATIC S7-PM (All versions < V5.7 SP2 HF1), SIMATIC STEP 7 V5 (All versions < V5.7). The affected product contains a database management system that could allow remote users with low privileges to use embedded functions of the database (local or in a network share) that have impact on the server.\r\n\r\nAn attacker with network access to the server network could leverage these embedded functions to run code with elevated privileges in the database management system's server.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 (todas las versiones < V9.1 SP2 UC04), SIMATIC S7-PM (todas las versiones), SIMATIC STEP 7 V5 (todas las versiones < V5.7). El producto afectado contiene un sistema de gestión de bases de datos que podría permitir a usuarios remotos con pocos privilegios utilizar funciones integradas de la base de datos (local o en un recurso compartido de red) que tienen impacto en el servidor. Un atacante con acceso a la red del servidor podría aprovechar estas funciones integradas para ejecutar código con privilegios elevados en el servidor del sistema de administración de bases de datos.", }, ], id: "CVE-2023-25910", lastModified: "2024-11-21T07:50:24.710", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-13T09:15:16.280", references: [ { source: "productcert@siemens.com", url: "https://cert-portal.siemens.com/productcert/html/ssa-968170.html", }, { source: "productcert@siemens.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-968170.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/html/ssa-968170.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-968170.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-94", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2012-07-26 10:41
Modified
2025-04-11 00:51
Severity ?
Summary
Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-110665.pdf | Vendor Advisory | |
| ics-cert@hq.dhs.gov | http://www.us-cert.gov/control_systems/pdf/ICSA-12-205-02.pdf | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-110665.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/control_systems/pdf/ICSA-12-205-02.pdf | US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs7 | * | |
| siemens | simatic_step_7 | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs7:*:sp3:*:*:*:*:*:*", matchCriteriaId: "27E6D609-BFD5-46D2-BA2F-156DBD5BF38B", versionEndIncluding: "7.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "640B7EFA-E1BD-4350-A995-FD235F62A27F", versionEndIncluding: "5.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder.", }, { lang: "es", value: "Una vulnerabilidad de ruta de búsqueda no confiable en Siemens SIMATIC STEP7 v5.5 SP1, tal como se utilizan en SIMATIC PCS7 v7.1 Service Pack 3 y productos anteriores y de otro tipo, permite a usuarios locales conseguir privilegios a través de un DLL troyano en una carpeta de proyecto de STEP7.\r\n", }, ], evaluatorComment: "Per: http://cwe.mitre.org/data/definitions/426.html\r\n\r\n'CWE-426: Untrusted Search Path'", id: "CVE-2012-3015", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2012-07-26T10:41:47.980", references: [ { source: "ics-cert@hq.dhs.gov", tags: [ "Vendor Advisory", ], url: "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-110665.pdf", }, { source: "ics-cert@hq.dhs.gov", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/control_systems/pdf/ICSA-12-205-02.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-110665.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/control_systems/pdf/ICSA-12-205-02.pdf", }, ], sourceIdentifier: "ics-cert@hq.dhs.gov", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-13 19:15
Modified
2024-11-21 04:20
Severity ?
Summary
A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC STEP 7 (TIA Portal) (All versions < V16), SIMATIC WinCC (TIA Portal) (All versions < V16), SIMATIC WinCC OA (All versions < V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions < V16), SIMATIC WinCC Runtime Professional (All versions < V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions < V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf | Vendor Advisory | |
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf | Vendor Advisory | |
| productcert@siemens.com | https://www.us-cert.gov/ics/advisories/icsa-19-344-04 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-19-344-04 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_et_200sp_open_controller_cpu_1515sp_pc_firmware | * | |
| siemens | simatic_et_200sp_open_controller_cpu_1515sp_pc | - | |
| siemens | simatic_et_200sp_open_controller_cpu_1515sp_pc2_firmware | * | |
| siemens | simatic_et_200sp_open_controller_cpu_1515sp_pc2 | - | |
| siemens | simatic_s7-1200_cpu_1211c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1211c | - | |
| siemens | simatic_s7-1200_cpu_1212c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1212c | - | |
| siemens | simatic_s7-1200_cpu_1214c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1214c | - | |
| siemens | simatic_s7-1200_cpu_1215c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1215c | - | |
| siemens | simatic_s7-1200_cpu_1217c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1217c | - | |
| siemens | simatic_s7-1500_cpu_1518_firmware | * | |
| siemens | simatic_s7-1500_cpu_1518 | - | |
| siemens | simatic_s7-1500_cpu_1511c_firmware | * | |
| siemens | simatic_s7-1500_cpu_1511c | - | |
| siemens | simatic_s7-1500_cpu_1512c_firmware | * | |
| siemens | simatic_s7-1500_cpu_1512c | - | |
| siemens | simatic_net_pc | * | |
| siemens | simatic_s7-1500 | * | |
| siemens | simatic_s7-plcsim_advanced | * | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc_open_architecture | * | |
| siemens | simatic_wincc_open_architecture | 3.16 | |
| siemens | simatic_wincc_open_architecture | 3.16 | |
| siemens | simatic_wincc_runtime | * | |
| siemens | simatic_wincc_runtime | * | |
| siemens | simatic_cp_1626_firmware | * | |
| siemens | simatic_cp_1626 | - | |
| siemens | simatic_tim_1531_irc_firmware | * | |
| siemens | simatic_tim_1531_irc | - | |
| siemens | simatic_hmi_panel_firmware | * | |
| siemens | simatic_hmi_panel | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FFA8109D-F938-4FE3-9885-831D2D0FE058", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc:-:*:*:*:*:*:*:*", matchCriteriaId: "E8AED132-C4CF-4C2E-B826-DFAE745256FD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C59DF55E-2F4F-4BF1-B02F-05916BC863D4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc2:-:*:*:*:*:*:*:*", matchCriteriaId: "30E3491F-8F4A-4C7D-960D-073AA41DB4D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1211c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "621AC3EC-6DA3-4AA6-9100-0407EC8370E6", versionEndIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1211c:-:*:*:*:*:*:*:*", matchCriteriaId: "3871C0C9-C65E-4E0B-9CA8-75E60066297F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1212c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9F22D58C-444F-4179-B84F-24D57F4971EB", versionEndIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212c:-:*:*:*:*:*:*:*", matchCriteriaId: "07849777-92E7-41D2-9128-F8D20DE15391", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "985A67F3-9799-4D30-B049-619456280DA4", versionEndIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214c:-:*:*:*:*:*:*:*", matchCriteriaId: "FE17584A-BF7A-48B8-A9CB-477663766C63", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1215c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6A5E0374-939D-4C5E-B721-5AD8A3329387", versionEndIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215c:-:*:*:*:*:*:*:*", matchCriteriaId: "CC4698CF-F935-4707-BA91-7E3650C7956C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1217c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF7EA085-2297-4BA0-96AB-2A2EBE0BEFAF", versionEndIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1217c:-:*:*:*:*:*:*:*", matchCriteriaId: "232279DE-CF1C-4A3C-886D-B4CE3F104F09", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DF4F6EA7-68BD-4A9D-8DDC-1D802EA7905B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518:-:*:*:*:*:*:*:*", matchCriteriaId: "BE0BA68C-EB57-49CE-94A8-E7905AB79824", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1511c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33F882B8-EEDF-489E-9933-37EFC0AAC356", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511c:-:*:*:*:*:*:*:*", matchCriteriaId: "822894D4-96D5-4BDC-A698-D31262BCF422", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1512c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C9E8D52B-CDB3-4E26-A0C4-592CCBFBB827", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1512c:-:*:*:*:*:*:*:*", matchCriteriaId: "D2E24A4C-AC13-4382-BDF6-E13878FED4DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_net_pc:*:*:*:*:*:*:*:*", matchCriteriaId: "744B5953-511F-42CA-80A0-DBE36A6AA144", versionEndExcluding: "16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_s7-1500:*:*:*:*:*:*:*:*", matchCriteriaId: "FA1684C0-4B7C-44A0-9F16-5F8121654397", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:*:*:*:*:*:*:*:*", matchCriteriaId: "2C9A3749-B092-4F92-8140-55F10A03A5DB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "E6D968D9-2A64-4E1C-824F-6508AEC6789D", versionEndExcluding: "16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "F96AD4B7-105A-4D60-9026-E5C6389F3C73", versionEndExcluding: "16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_open_architecture:*:*:*:*:*:*:*:*", matchCriteriaId: "4C3580BA-45F0-4A01-925F-D56B0BA058F7", versionEndIncluding: "3.15", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_open_architecture:3.16:-:*:*:*:*:*:*", matchCriteriaId: "84D652E6-23F7-4EB6-AE66-69662E191559", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_open_architecture:3.16:patch_12:*:*:*:*:*:*", matchCriteriaId: "1F0B76B7-FCB4-4831-BD00-AF29FD4606B2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:advanced:*:*:*", matchCriteriaId: "29B1F502-8A3A-4C07-90D2-CE5EB06CB573", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:professional:*:*:*", matchCriteriaId: "0384FFF2-F577-4FFC-8A84-5682771D1BC1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1626_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D2DA2E87-7B96-4B6B-90F9-C22B138B441B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1626:-:*:*:*:*:*:*:*", matchCriteriaId: "581EA284-EDD6-4EA5-96B2-67904D1D9DC7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_tim_1531_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "95DEFB00-96A2-460F-8B59-A288FD154FDC", versionEndExcluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_tim_1531_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "AEFDF765-44F4-45CB-8A28-FD7D355310DA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_hmi_panel_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE91BB69-3E42-4110-B49B-D53DB894E140", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_hmi_panel:-:*:*:*:*:*:*:*", matchCriteriaId: "35CA808F-891D-4E10-A87A-68440D0BE0CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC STEP 7 (TIA Portal) (All versions < V16), SIMATIC WinCC (TIA Portal) (All versions < V16), SIMATIC WinCC OA (All versions < V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions < V16), SIMATIC WinCC Runtime Professional (All versions < V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions < V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC CP 1626 (Todas las versiones), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. variantes SIPLUS) (Todas las versiones), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. variantes SIPLUS) (Todas las versiones anteriores a V20. 8), SIMATIC HMI Panel (incl. variantes SIPLUS) (Todas las versiones), SIMATIC NET PC Software V14 (Todas las versiones anteriores a V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones), familia de CPUs SIMATIC S7-1200 (incl. variantes SIPLUS) (Todas las versiones anteriores a V4.4.0), familia de CPUs SIMATIC S7-1500 (incl. CPUs ET200 relacionadas y variantes SIPLUS) (Todas las versiones anteriores a V2.8.1), SIMATIC S7-1500 Software Controller (Todas las versiones anteriores a V20.8), SIMATIC S7-PLCSIM Advanced (Todas las versiones anteriores a V3.0), SIMATIC STEP 7 (TIA Portal) (Todas las versiones anteriores a V16), SIMATIC WinCC (TIA Portal) (Todas las versiones anteriores a V16), SIMATIC WinCC OA (Todas las versiones anteriores a V3. 16 P013), SIMATIC WinCC Runtime Advanced (Todas las versiones anteriores a V16), SIMATIC WinCC Runtime Professional (Todas las versiones anteriores a V16), TIM 1531 IRC (incl. variantes de SIPLUS NET) (Todas las versiones anteriores a V2.1). Los dispositivos afectados contienen una vulnerabilidad de elusión de la protección de mensajes debido a ciertas propiedades en el cálculo utilizado para la protección de la integridad. Esto podría permitir a un atacante en posición de Man-in-the-Middle modificar el tráfico de red enviado por el puerto 102/tcp a los dispositivos afectados", }, ], id: "CVE-2019-10929", lastModified: "2024-11-21T04:20:10.487", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-13T19:15:14.860", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf", }, { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf", }, { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-19-344-04", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-19-344-04", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-327", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-10 17:15
Modified
2024-11-21 05:37
Severity ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf | Vendor Advisory | |
| productcert@siemens.com | https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05 | ||
| productcert@siemens.com | https://www.us-cert.gov/ics/advisories/icsa-20-161-05 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-161-05 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_process_device_manager | * | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | sinamics_starter | * | |
| siemens | sinamics_starter | 5.4 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "13E3BDF0-B691-4A97-A74A-A65EC910480E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_process_device_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "50C02E17-87F5-47DB-B4F3-EFC44B0DFC88", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "CAF09D6E-3375-4731-B16D-30B7592EA5FB", versionEndExcluding: "5.6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:-:*:*:*:*:*:*", matchCriteriaId: "851F8474-4568-487D-98FB-47DF7EAEAC3B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:sp1:*:*:*:*:*:*", matchCriteriaId: "81EADA2F-884C-4D72-8489-71025B3EBAEE", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:sp2:*:*:*:*:*:*", matchCriteriaId: "78366D2F-B728-47F6-B539-5FB2D1B0419D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:sp2_hotfix1:*:*:*:*:*:*", matchCriteriaId: "06A86DA0-BC1F-4306-B02E-ED2FA36BE273", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinamics_starter:*:*:*:*:*:*:*:*", matchCriteriaId: "23020179-5112-48A8-BA76-EB6C073867BF", versionEndExcluding: "5.4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinamics_starter:5.4:-:*:*:*:*:*:*", matchCriteriaId: "E04348B3-6DAC-49E2-A612-FE0A3166776B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 versión V8.2 y anteriores (Todas las versiones), SIMATIC PCS 7 V9.0 (Todas las versiones anteriores a V9.0 SP3), SIMATIC PDM (Todas las versiones anteriores a V9.2), SIMATIC STEP 7 V5.X (Todas las versiones anteriores a V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (Todas las versiones anteriores a V5.4 HF2). Una vulnerabilidad de desbordamiento del búfer podría permitir a un atacante local causar una situación de Denegación de Servicio. La vulnerabilidad de seguridad podría ser explotada por parte de un atacante con acceso local a los sistemas afectados. Una explotación con éxito podría requerir privilegios de usuario pero no una interacción del usuario. La vulnerabilidad podría permitir a un atacante comprometer la disponibilidad del sistema, así como tener acceso a información confidencial", }, ], id: "CVE-2020-7586", lastModified: "2024-11-21T05:37:25.427", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-10T17:15:12.520", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { source: "productcert@siemens.com", url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-122", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2021-07-13 11:15
Modified
2024-11-21 06:06
Severity ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_firmware | * | |
| siemens | simatic_pcs_firmware | 9.0 | |
| siemens | simatic_pcs_firmware | 9.0 | |
| siemens | simatic_pcs_firmware | 9.0 | |
| siemens | simatic_pcs | - | |
| siemens | simatic_pdm_firmware | * | |
| siemens | simatic_pdm | - | |
| siemens | simatic_step_7_firmware | * | |
| siemens | simatic_step_7 | - | |
| siemens | sinamics_starter_firmware | * | |
| siemens | sinamics_starter_firmware | 5.4 | |
| siemens | sinamics_starter_firmware | 5.4 | |
| siemens | sinamics_starter_firmware | 5.4 | |
| siemens | sinamics_starter | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_pcs_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EEA55DF-23A5-4D3D-A2EC-EFFFBD8A7C3F", versionEndIncluding: "8.2", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_pcs_firmware:9.0:-:*:*:*:*:*:*", matchCriteriaId: "81FDDB73-5C1A-448E-A88E-835F04DB8444", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_pcs_firmware:9.0:sp1:*:*:*:*:*:*", matchCriteriaId: "39CC2ACC-62C3-434D-AB36-B73CA7CD5935", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_pcs_firmware:9.0:sp2:*:*:*:*:*:*", matchCriteriaId: "D6FE8718-AC43-4AD8-9226-2382CB588F7F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_pcs:-:*:*:*:*:*:*:*", matchCriteriaId: "5BEAC421-FE31-4F16-8DB1-B816FDD66D64", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_pdm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCE0E117-5AB1-4D65-84CA-1F4A48664C93", versionEndExcluding: "9.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_pdm:-:*:*:*:*:*:*:*", matchCriteriaId: "E092B735-42D5-48D5-947B-288C0FA2E180", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_step_7_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "06CA9ADA-EEEA-4655-93FA-11EF309D869B", versionEndIncluding: "5.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_step_7:-:*:*:*:*:*:*:*", matchCriteriaId: "FB1FE00B-0613-4819-8D50-A5A0B6A190D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ACF25F6B-8DC4-4835-AE2F-2E03D3FA4C8C", versionEndExcluding: "5.4", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:-:*:*:*:*:*:*", matchCriteriaId: "4D01AB88-A23C-4105-9D5C-DEAA8C2AAFE9", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:hotfix_1:*:*:*:*:*:*", matchCriteriaId: "C803017D-BCE6-4638-A54F-D29CA8AE5ABC", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:hotfix_2:*:*:*:*:*:*", matchCriteriaId: "A5900915-29CC-4F36-9622-4E81038CE932", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_starter:-:*:*:*:*:*:*:*", matchCriteriaId: "C3E8B354-CB0D-40F1-BC2B-C2355974C2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 versiones V8.2 y anteriores (Todas las versiones), SIMATIC PCS 7 versiones V9.0 (Todas las versiones anteriores a V9.0 SP3), SIMATIC PDM (Todas las versiones anteriores a V9.2), SIMATIC STEP 7 versiones V5.X (Todas las versiones anteriores a V5.6 SP2 HF3), SINAMICS STARTER (que contiene la versión OEM de STEP 7) (Todas las versiones anteriores a V5.4 HF2). El software afectado contiene una vulnerabilidad de desbordamiento de búfer mientras se manejan determinados archivos que podría permitir a un atacante local desencadenar una condición de denegación de servicio o potencialmente conllevar a una ejecución de código remota", }, ], id: "CVE-2021-31893", lastModified: "2024-11-21T06:06:26.987", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-07-13T11:15:09.527", references: [ { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "productcert@siemens.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-04-06 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 allows man-in-the-middle attackers to obtain sensitive information or modify transmitted data via unspecified vectors.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/72691 | ||
| cve@mitre.org | http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-315836.pdf | Patch, Vendor Advisory | |
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72691 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-315836.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7 | 12 | |
| siemens | simatic_step_7 | 13 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:sp1:*:*:*:*:*:*", matchCriteriaId: "F449090B-2147-4550-81B6-6B612308F69F", versionEndIncluding: "13", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:12:*:*:*:*:*:*:*", matchCriteriaId: "8DC3FCB2-5D11-4D92-9EC9-3F7EF5A609EA", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:13:*:*:*:*:*:*:*", matchCriteriaId: "10FD6868-F5CE-47C6-9BB8-59CC0C898029", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 allows man-in-the-middle attackers to obtain sensitive information or modify transmitted data via unspecified vectors.", }, { lang: "es", value: "Siemens SIMATIC STEP 7 (TIA Portal) 12 y 13 anterior a 13 SP1 Upd1 permite a atacantes man-in-the-middle obtener información sensible o modificar los datos transmitidos a través de vectores no especificados.", }, ], id: "CVE-2015-1601", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2015-04-06T01:59:01.667", references: [ { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/72691", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-315836.pdf", }, { source: "cve@mitre.org", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/72691", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-315836.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-254", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-15 19:30
Modified
2025-04-12 10:46
Severity ?
Summary
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path ("C:\Program Files\*" or the localized equivalent).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html | Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/94158 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf | ||
| cve@mitre.org | https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94158 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | primary_setup_tool | - | |
| siemens | security_configuration_tool | - | |
| siemens | simatic_it_production_suite | - | |
| siemens | simatic_net_pc_software | * | |
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_pcs7 | 8.0 | |
| siemens | simatic_pcs7 | 8.1 | |
| siemens | simatic_pcs7 | 8.2 | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7_\(tia_portal\) | * | |
| siemens | simatic_winac_rtx_2010 | - | |
| siemens | simatic_winac_rtx_f_2010 | - | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | 7.0 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.3 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc_\(tia_portal\) | * | |
| siemens | simatic_wincc_\(tia_portal\) | * | |
| siemens | simatic_wincc_\(tia_portal\) | * | |
| siemens | simatic_wincc_\(tia_portal\) | - | |
| siemens | simatic_wincc_runtime | - | |
| siemens | simit | 9.0 | |
| siemens | sinema_remote_connect | - | |
| siemens | sinema_server | * | |
| siemens | softnet_security_client | * | |
| siemens | telecontrol_basic | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:primary_setup_tool:-:*:*:*:*:*:*:*", matchCriteriaId: "8046A64D-4C80-4199-B1A7-F77D02428ACD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:security_configuration_tool:-:*:*:*:*:*:*:*", matchCriteriaId: "C33765E4-619E-4566-BF96-4A7C8776A0CB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_it_production_suite:-:*:*:*:*:*:*:*", matchCriteriaId: "DBCAF7A5-CA65-4D88-8473-67947726CA2D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc_software:*:*:*:*:*:*:*:*", matchCriteriaId: "87DF85DE-B86C-459A-A9A9-096AF7A661E6", versionEndIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "4DFBFF6B-DBC8-451D-A235-4C7E1F0883D5", versionEndIncluding: "7.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*", matchCriteriaId: "E8B894F4-9635-4436-BC0A-E43280426017", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs7:8.1:*:*:*:*:*:*:*", matchCriteriaId: "172A6A81-C32E-4ACC-AB8C-2014BF3A6901", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs7:8.2:*:*:*:*:*:*:*", matchCriteriaId: "8C6E8BBF-C5FF-4F13-AC70-2FF41CF3CC8E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:sp4:*:*:*:*:*:*", matchCriteriaId: "C60C6533-1875-4E5B-A367-F6C1C1345CCF", versionEndIncluding: "5.5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):*:*:*:*:*:*:*:*", matchCriteriaId: "A4053231-D271-4A23-B0A0-374F6EAE2EF8", versionEndIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_winac_rtx_2010:-:*:*:*:*:*:*:*", matchCriteriaId: "AD93D757-C2DE-444C-9FF4-A7A700EFF7F0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_winac_rtx_f_2010:-:*:*:*:*:*:*:*", matchCriteriaId: "042D7AB5-8DB7-478E-8CB8-31942D360B34", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:sp2:*:*:*:*:*:*", matchCriteriaId: "B9D3442E-E362-49BA-8699-629A611A6E2E", versionEndIncluding: "7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.0:sp3:*:*:*:*:*:*", matchCriteriaId: "0D0BB2E6-1444-499A-943E-8D19C402F1BD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:*:*:*:*:*:*:*", matchCriteriaId: "4C4BFBED-E818-453C-B787-22D67B4A5A29", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.3:*:*:*:*:*:*:*", matchCriteriaId: "8D6229A2-9B8E-4F76-8425-589D2CE58B16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*", matchCriteriaId: "F64B795A-7E66-49AE-BE40-E8EEAC12D280", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:advanced:*:*:*", matchCriteriaId: "882F53D9-7AAA-4647-B071-A45CA2618AA1", versionEndIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:basic:*:*:*", matchCriteriaId: "F4524CA7-833B-4577-A5E5-DB47704F49AF", versionEndIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:comfort:*:*:*", matchCriteriaId: "58782A2B-6A27-475A-9FAB-0272DED5DB40", versionEndIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):-:*:*:*:professional:*:*:*", matchCriteriaId: "D9BA6A34-593E-466A-B11B-1E2DC890ECF6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:-:*:*:*:professional:*:*:*", matchCriteriaId: "E6BFBAED-EE2B-4DE4-A76C-824DD15F4608", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simit:9.0:*:*:*:*:*:*:*", matchCriteriaId: "939DE56D-D8D7-42B8-BC0C-D6727E99AFA3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_remote_connect:-:*:*:*:*:*:*:*", matchCriteriaId: "9646F056-080A-4F45-AABD-4D6E8AF05148", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_server:*:sp2:*:*:*:*:*:*", matchCriteriaId: "3F8B6E52-C339-41B9-A2C1-A6D161251648", versionEndIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:softnet_security_client:*:*:*:*:*:*:*:*", matchCriteriaId: "18BFF869-4E4E-4410-91F7-56A7E959C0FE", versionEndIncluding: "5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:telecontrol_basic:*:sp2:*:*:*:*:*:*", matchCriteriaId: "A9386816-33A5-4DA7-931B-841AAE40E3BE", versionEndIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path (\"C:\\Program Files\\*\" or the localized equivalent).", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en Primary Setup Tool (PST) (todas las versiones anteriores a V4.2 HF1), SIMATIC IT Production Suite (todas las versiones anteriores a V7.0 SP1 HFX 2), SIMATIC NET PC-Software (Todas las versiones anteriores a V14), SIMATIC PCS 7 versión V7.1 (Todas las versiones), SIMATIC PCS 7 versión V8.0 (Todas las versiones), SIMATIC PCS 7 versión V8.1 (Todas las versiones),SIMATIC PCS 7 versión V8.2 (Todas las versiones anteriores a V8.2 SP1), SIMATIC STEP 7 (TIA Portal) versión V13 (Todas las versiones anteriores a V13 SP2), SIMATIC STEP 7 versiones V5.X (Todas las versiones anteriores a V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (Todas las versiones anteriores a V14), SIMATIC WinCC (TIA Portal) Professional versión V13 (Todas las versiones anteriores a V13 SP2), SIMATIC WinCC (TIA Portal) Professional versión V14 (Todas las versiones anteriores a V14 SP1), SIMATIC WinCC Runtime Professional versión V13 (Todas las versiones anteriores a V13 SP2), SIMATIC WinCC Runtime Professional versión V14 (Todas las versiones anteriores a V14 SP1), SIMATIC WinCC versión V7.0 SP2 y anteriores (Todas las versiones anteriores a V7.0 SP2 Upd 12), SIMATIC WinCC versión V7.0 SP3 (Todas las versiones anteriores a V7.0 SP3 Upd 8), SIMATIC WinCC versión V7.2 (Todas las versiones anteriores a V7.2 Upd 14), SIMATIC WinCC versión V7.3 (Todas las versiones anteriores a V7.3 Upd 11), SIMATIC WinCC versión V7.4 (Todas las versiones anteriores a V7.4 SP1), SIMIT versión V9.0 (Todas las versiones anteriores a V9.0 SP1), SINEMA Remote Connect Client (Todas las versiones anteriores a V1.0 SP3), SINEMA Server (Todas las versiones anteriores a V13 SP2), SOFTNET Security Client versión V5.0 (Todas las versiones), Security Configuration Tool (SCT) (Todas las versiones anteriores a V4.3 HF1), TeleControl Server Basic (Todas las versiones anteriores a V3.0 SP2), WinAC RTX 2010 SP2 (Todas las versiones), WinAC RTX F 2010 SP2 (Todas las versiones). Las rutas (path) de servicio sin comillas podrían permitir que los usuarios locales del sistema operativo Microsoft Windows aumenten sus privilegios si los productos afectados no están instalados en su ruta (path) de acceso predeterminada (\"C:\\Program Files\\*\" o el equivalente localizado).", }, ], id: "CVE-2016-7165", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.5, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-15T19:30:02.797", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94158", }, { source: "cve@mitre.org", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94158", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-254", }, { lang: "en", value: "CWE-284", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-02-18 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 uses a weak password-hash algorithm, which makes it easier for local users to determine cleartext passwords by reading a project file and conducting a brute-force attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_step_7 | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "1E429A7F-72D9-4491-9946-3D41E285FA88", versionEndIncluding: "13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 uses a weak password-hash algorithm, which makes it easier for local users to determine cleartext passwords by reading a project file and conducting a brute-force attack.", }, { lang: "es", value: "Siemens SIMATIC STEP 7 (TIA Portal) anterior a 13 SP1 utiliza un algoritmo de hashes de contraseñas débil, lo que facilita a usuarios locales determinar las contraseñas en texto claro mediante la lectura de un ficheros de proyectos y la realización de un ataque de fuerza bruta.", }, ], id: "CVE-2015-1355", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-02-18T02:59:05.737", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-234789.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-234789.pdf", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-310", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-07-14 14:15
Modified
2024-11-21 05:37
Severity ?
Summary
A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). A component within the affected application calls a helper binary with SYSTEM privileges during startup while the call path is not quoted. This could allow a local attacker with administrative privileges to execute code with SYSTEM level privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | opcenter_execution_discrete | * | |
| siemens | opcenter_execution_foundation | * | |
| siemens | opcenter_execution_process | * | |
| siemens | opcenter_intelligence | * | |
| siemens | opcenter_quality | * | |
| siemens | opcenter_rd\&l | 8.0 | |
| siemens | simatic_notifier_server | * | |
| siemens | simatic_pcs_neo | * | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7 | 16 | |
| siemens | simatic_step_7 | 16 | |
| siemens | simocode_es | * | |
| siemens | soft_starter_es | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:opcenter_execution_discrete:*:*:*:*:*:*:*:*", matchCriteriaId: "F33BF89C-F36E-4C8F-ABB9-579E2022DDA6", versionEndExcluding: "3.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:opcenter_execution_foundation:*:*:*:*:*:*:*:*", matchCriteriaId: "1DCE5E06-B75F-4D21-96CC-70DD373B1811", versionEndExcluding: "3.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:opcenter_execution_process:*:*:*:*:*:*:*:*", matchCriteriaId: "C4DD5C57-5877-495C-A01E-747E5DCED9F7", versionEndExcluding: "3.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*", matchCriteriaId: "FA9BAFAE-C26A-4435-80C1-508F0A3EF768", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:opcenter_quality:*:*:*:*:*:*:*:*", matchCriteriaId: "9DB2F53B-817C-41F3-9B52-85DE702ACCE5", versionEndExcluding: "11.3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:opcenter_rd\\&l:8.0:*:*:*:*:*:*:*", matchCriteriaId: "EE037602-C9E8-45D5-9A44-3B73052F478E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_notifier_server:*:*:*:*:*:windows:*:*", matchCriteriaId: "DE74021F-CE57-42CC-8093-E1B0352410FA", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*", matchCriteriaId: "D61D4B81-7F51-49BE-83DD-D2C28D23B0EA", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "E6D968D9-2A64-4E1C-824F-6508AEC6789D", versionEndExcluding: "16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:16:-:*:*:*:*:*:*", matchCriteriaId: "66CB66B9-176E-4FA3-BC67-E7C5972A307C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:16:update1:*:*:*:*:*:*", matchCriteriaId: "EF2D6947-576B-4CA7-B4E4-F0B428FA5ABB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simocode_es:*:*:*:*:*:*:*:*", matchCriteriaId: "CE934FDC-666F-4D9D-9C03-2896875F0A0D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:soft_starter_es:*:*:*:*:*:*:*:*", matchCriteriaId: "FA57190F-97BA-4D1D-BC73-F37162B775F9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). A component within the affected application calls a helper binary with SYSTEM privileges during startup while the call path is not quoted. This could allow a local attacker with administrative privileges to execute code with SYSTEM level privileges.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en Opcenter Execution Discrete (Todas las versiones anteriores a V3.2), Opcenter Execution Foundation (Todas las versiones anteriores a V3.2), Opcenter Execution Process (Todas las versiones anteriores a V3.2), Opcenter Intelligence (Todas las versiones anteriores a V3.3), Opcenter Quality (Todas las versiones anteriores a V11.3), Opcenter RD&L (V8.0), SIMATIC Notifier Server for Windows (Todas las versiones), SIMATIC PCS neo (Todas las versiones anteriores a V3. 0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (Todas las versiones anteriores a V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (Todas las versiones anteriores a V16 Update 2), SIMOCODE ES V15.1 (Todas las versiones anteriores a V15.1 Update 4), SIMOCODE ES V16 (Todas las versiones anteriores a V16 Update 1), Soft Starter ES V15.1 (Todas las versiones anteriores a V15.1 Update 3), Soft Starter ES V16 (Todas las versiones anteriores a V16 Update 1). Un componente dentro de la aplicación afectada llama a un binario de ayuda con privilegios de SISTEMA durante el inicio mientras la ruta de llamada no está citada. Esto podría permitir a un atacante local con privilegios administrativos ejecutar código con privilegios de nivel SYSTEM", }, ], id: "CVE-2020-7581", lastModified: "2024-11-21T05:37:24.977", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-14T14:15:18.587", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-428", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-428", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }