Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2021-45117
Vulnerability from cvelistv5
Published
2022-03-21 14:05
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf | Patch, Third Party Advisory | |
cve@mitre.org | https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf | Patch, Vendor Advisory | |
cve@mitre.org | https://www.youtube.com/watch?v=qv-RBdCaV4k | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.youtube.com/watch?v=qv-RBdCaV4k | Exploit, Third Party Advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T04:39:20.271Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.youtube.com/watch?v=qv-RBdCaV4k" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-05-10T11:06:11", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.youtube.com/watch?v=qv-RBdCaV4k" }, { "tags": [ "x_refsource_MISC" ], "url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-45117", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.youtube.com/watch?v=qv-RBdCaV4k", "refsource": "MISC", "url": "https://www.youtube.com/watch?v=qv-RBdCaV4k" }, { "name": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf", "refsource": "MISC", "url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-45117", "datePublished": "2022-03-21T14:05:45", "dateReserved": "2021-12-16T00:00:00", "dateUpdated": "2024-08-04T04:39:20.271Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2021-45117\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-03-21T15:15:07.927\",\"lastModified\":\"2024-11-21T06:31:59.667\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference.\"},{\"lang\":\"es\",\"value\":\"Los stubs de pila ANSI C autogenerados por OPC (en los NodeSets) no manejan todos los casos de error. Esto puede conllevar a una desreferencia de puntero NULL\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:opcfoundation:ua-nodeset:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.05.01\",\"matchCriteriaId\":\"14F2AA77-409B-48CA-9BBE-6EC6B5BA9EAF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_net_pc:14:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"298E8F34-346B-4FC5-8690-3F947F585552\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_net_pc:15:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DF90C44-4AC2-4B2B-8712-30CD3DE96B22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"496E3C43-5DA8-4983-8AC6-0F32454E22F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_net_pc:17:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFBD6DDF-917C-44CC-A944-1945DC7AC9FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sitop_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F1ABC40-2C91-4EA9-9442-16E5D7C29E52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:telecontrol_server_basic:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"975FC6E7-8FDB-4361-A691-44B26B0CBFD4\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.youtube.com/watch?v=qv-RBdCaV4k\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.youtube.com/watch?v=qv-RBdCaV4k\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}" } }
ghsa-v4v7-f2qj-8939
Vulnerability from github
Published
2022-03-22 00:00
Modified
2022-03-29 00:01
Severity ?
Details
The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference.
{ "affected": [], "aliases": [ "CVE-2021-45117" ], "database_specific": { "cwe_ids": [ "CWE-476" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2022-03-21T15:15:00Z", "severity": "MODERATE" }, "details": "The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference.", "id": "GHSA-v4v7-f2qj-8939", "modified": "2022-03-29T00:01:27Z", "published": "2022-03-22T00:00:41Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45117" }, { "type": "WEB", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf" }, { "type": "WEB", "url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf" }, { "type": "WEB", "url": "https://www.youtube.com/watch?v=qv-RBdCaV4k" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ] }
var-202203-1191
Vulnerability from variot
The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference. OPC Foundation of ua-nodeset For products from other vendors, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202203-1191", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic net pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic net pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15" }, { "model": "simatic net pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "17" }, { "model": "sitop manager", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "ua-nodeset", "scope": "lt", "trust": 1.0, "vendor": "opcfoundation", "version": "1.05.01" }, { "model": "telecontrol server basic", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "simatic net pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14" }, { "model": "telecontrol server basic", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "ua-nodeset", "scope": null, "trust": 0.8, "vendor": "opc", "version": null }, { "model": "simatic net pc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "sitop manager", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-018979" }, { "db": "NVD", "id": "CVE-2021-45117" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:opcfoundation:ua-nodeset:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.05.01", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:15:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:14:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sitop_manager:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:telecontrol_server_basic:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:17:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-45117" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens reported this vulnerability to CISA.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202203-1906" } ], "trust": 0.6 }, "cve": "CVE-2021-45117", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 4.3, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2021-45117", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 6.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2021-45117", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-45117", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202203-1906", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2021-45117", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-45117" }, { "db": "JVNDB", "id": "JVNDB-2021-018979" }, { "db": "NVD", "id": "CVE-2021-45117" }, { "db": "CNNVD", "id": "CNNVD-202203-1906" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference. OPC Foundation of ua-nodeset For products from other vendors, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state", "sources": [ { "db": "NVD", "id": "CVE-2021-45117" }, { "db": "JVNDB", "id": "JVNDB-2021-018979" }, { "db": "VULMON", "id": "CVE-2021-45117" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-45117", "trust": 3.3 }, { "db": "SIEMENS", "id": "SSA-285795", "trust": 2.5 }, { "db": "ICS CERT", "id": "ICSA-22-132-08", "trust": 1.5 }, { "db": "JVN", "id": "JVNVU92977068", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2021-018979", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2022.2358", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022051719", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202203-1906", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2021-45117", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-45117" }, { "db": "JVNDB", "id": "JVNDB-2021-018979" }, { "db": "NVD", "id": "CVE-2021-45117" }, { "db": "CNNVD", "id": "CNNVD-202203-1906" } ] }, "id": "VAR-202203-1191", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.6666667 }, "last_update_date": "2023-12-18T11:56:06.385000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2021-45117 " } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-45117" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-476", "trust": 1.0 }, { "problemtype": "NULL Pointer dereference (CWE-476) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-018979" }, { "db": "NVD", "id": "CVE-2021-45117" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://files.opcfoundation.org/securitybulletins/opc%20foundation%20security%20bulletin%20cve-2021-45117.pdf" }, { "trust": 2.5, "url": "https://www.youtube.com/watch?v=qv-rbdcav4k" }, { "trust": 2.5, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu92977068/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45117" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-132-08" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-denial-of-service-via-opc-ua-ansic-stack-38293" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-132-08" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022051719" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2021-45117/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.2358" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/476.html" }, { "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2021-45117" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-08" } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-45117" }, { "db": "JVNDB", "id": "JVNDB-2021-018979" }, { "db": "NVD", "id": "CVE-2021-45117" }, { "db": "CNNVD", "id": "CNNVD-202203-1906" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2021-45117" }, { "db": "JVNDB", "id": "JVNDB-2021-018979" }, { "db": "NVD", "id": "CVE-2021-45117" }, { "db": "CNNVD", "id": "CNNVD-202203-1906" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-03-21T00:00:00", "db": "VULMON", "id": "CVE-2021-45117" }, { "date": "2023-07-12T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-018979" }, { "date": "2022-03-21T15:15:07.927000", "db": "NVD", "id": "CVE-2021-45117" }, { "date": "2022-03-21T00:00:00", "db": "CNNVD", "id": "CNNVD-202203-1906" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-09-03T00:00:00", "db": "VULMON", "id": "CVE-2021-45117" }, { "date": "2023-07-12T08:30:00", "db": "JVNDB", "id": "JVNDB-2021-018979" }, { "date": "2022-09-03T03:55:39.127000", "db": "NVD", "id": "CVE-2021-45117" }, { "date": "2022-05-18T00:00:00", "db": "CNNVD", "id": "CNNVD-202203-1906" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202203-1906" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "OPC\u00a0Foundation\u00a0 of \u00a0ua-nodeset\u00a0 in products from other multiple vendors \u00a0NULL\u00a0 Pointer dereference vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-018979" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-202203-1906" } ], "trust": 0.6 } }
WID-SEC-W-2023-2603
Vulnerability from csaf_certbund
Published
2023-10-09 22:00
Modified
2023-10-09 22:00
Summary
Siemens SICAM: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Siemens SICAM ist eine Produktfamilie von SCADA-Systemen für den Betrieb von industriellen Prozessen.
Angriff
Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Siemens SICAM ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen, seine Privilegien zu erweitern und Daten zu manipulieren.
Betroffene Betriebssysteme
- BIOS/Firmware
- Hardware Appliance
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Siemens SICAM ist eine Produktfamilie von SCADA-Systemen f\u00fcr den Betrieb von industriellen Prozessen.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Siemens SICAM ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, seine Privilegien zu erweitern und Daten zu manipulieren.", "title": "Angriff" }, { "category": "general", "text": "- BIOS/Firmware\n- Hardware Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-2603 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2603.json" }, { "category": "self", "summary": "WID-SEC-2023-2603 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2603" }, { "category": "external", "summary": "Siemens Security Advisory vom 2023-10-09", "url": "https://cert-portal.siemens.com/productcert/html/ssa-285795.html" }, { "category": "external", "summary": "Siemens Security Advisory vom 2023-10-09", "url": "https://cert-portal.siemens.com/productcert/html/ssa-784849.html" }, { "category": "external", "summary": "Siemens Security Advisory vom 2023-10-09", "url": "https://cert-portal.siemens.com/productcert/html/ssa-770890.html" }, { "category": "external", "summary": "Siemens Security Advisory vom 2023-10-09", "url": "https://cert-portal.siemens.com/productcert/html/ssa-134651.html" }, { "category": "external", "summary": "Siemens Security Advisory vom 2023-10-09", "url": "https://cert-portal.siemens.com/productcert/html/ssa-035466.html" } ], "source_lang": "en-US", "title": "Siemens SICAM: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-10-09T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:47:17.112+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-2603", "initial_release_date": "2023-10-09T22:00:00.000+00:00", "revision_history": [ { "date": "2023-10-09T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Siemens SICAM A8000", "product": { "name": "Siemens SICAM A8000", "product_id": "T024199", "product_identification_helper": { "cpe": "cpe:/h:siemens:sicam:a8000" } } }, { "category": "product_name", "name": "Siemens SICAM PAS", "product": { "name": "Siemens SICAM PAS", "product_id": "T030347", "product_identification_helper": { "cpe": "cpe:/h:siemens:sicam:pas" } } }, { "category": "product_name", "name": "Siemens SICAM PQS", "product": { "name": "Siemens SICAM PQS", "product_id": "T030348", "product_identification_helper": { "cpe": "cpe:/h:siemens:sicam:pqs" } } }, { "category": "product_name", "name": "Siemens SICAM CP", "product": { "name": "Siemens SICAM CP", "product_id": "T030349", "product_identification_helper": { "cpe": "cpe:/h:siemens:sicam:cp" } } }, { "category": "product_name", "name": "Siemens SICAM HMI Comfort Outdoor Panels", "product": { "name": "Siemens SICAM HMI Comfort Outdoor Panels", "product_id": "T030350", "product_identification_helper": { "cpe": "cpe:/h:siemens:sicam:hmi_comfort_outdoor_panels" } } }, { "category": "product_name", "name": "Siemens SICAM HMI KTP Mobile Panels", "product": { "name": "Siemens SICAM HMI KTP Mobile Panels", "product_id": "T030351", "product_identification_helper": { "cpe": "cpe:/h:siemens:sicam:hmi_ktp_mobile_panels" } } }, { "category": "product_name", "name": "Siemens SICAM NET PC Software", "product": { "name": "Siemens SICAM NET PC Software", "product_id": "T030352", "product_identification_helper": { "cpe": "cpe:/h:siemens:sicam:net_pc_software" } } } ], "category": "product_name", "name": "SICAM" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-45205", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Siemens SICAM Ger\u00e4ten. Die Fehler bestehen unter anderem aufgrund von unsicheren Berechtigungen, einer hartkodierten ID, einem Directory Traversal und einem unzureichenden Control Mapping. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030347", "T030349", "T030348", "T030350", "T024199", "T030352", "T030351" ] }, "release_date": "2023-10-09T22:00:00Z", "title": "CVE-2023-45205" }, { "cve": "CVE-2023-42796", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Siemens SICAM Ger\u00e4ten. Die Fehler bestehen unter anderem aufgrund von unsicheren Berechtigungen, einer hartkodierten ID, einem Directory Traversal und einem unzureichenden Control Mapping. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030347", "T030349", "T030348", "T030350", "T024199", "T030352", "T030351" ] }, "release_date": "2023-10-09T22:00:00Z", "title": "CVE-2023-42796" }, { "cve": "CVE-2023-38640", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Siemens SICAM Ger\u00e4ten. Die Fehler bestehen unter anderem aufgrund von unsicheren Berechtigungen, einer hartkodierten ID, einem Directory Traversal und einem unzureichenden Control Mapping. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030347", "T030349", "T030348", "T030350", "T024199", "T030352", "T030351" ] }, "release_date": "2023-10-09T22:00:00Z", "title": "CVE-2023-38640" }, { "cve": "CVE-2023-37195", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Siemens SICAM Ger\u00e4ten. Die Fehler bestehen unter anderem aufgrund von unsicheren Berechtigungen, einer hartkodierten ID, einem Directory Traversal und einem unzureichenden Control Mapping. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030347", "T030349", "T030348", "T030350", "T024199", "T030352", "T030351" ] }, "release_date": "2023-10-09T22:00:00Z", "title": "CVE-2023-37195" }, { "cve": "CVE-2023-37194", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Siemens SICAM Ger\u00e4ten. Die Fehler bestehen unter anderem aufgrund von unsicheren Berechtigungen, einer hartkodierten ID, einem Directory Traversal und einem unzureichenden Control Mapping. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030347", "T030349", "T030348", "T030350", "T024199", "T030352", "T030351" ] }, "release_date": "2023-10-09T22:00:00Z", "title": "CVE-2023-37194" }, { "cve": "CVE-2023-36380", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Siemens SICAM Ger\u00e4ten. Die Fehler bestehen unter anderem aufgrund von unsicheren Berechtigungen, einer hartkodierten ID, einem Directory Traversal und einem unzureichenden Control Mapping. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030347", "T030349", "T030348", "T030350", "T024199", "T030352", "T030351" ] }, "release_date": "2023-10-09T22:00:00Z", "title": "CVE-2023-36380" }, { "cve": "CVE-2021-45117", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Siemens SICAM Ger\u00e4ten. Die Fehler bestehen unter anderem aufgrund von unsicheren Berechtigungen, einer hartkodierten ID, einem Directory Traversal und einem unzureichenden Control Mapping. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030347", "T030349", "T030348", "T030350", "T024199", "T030352", "T030351" ] }, "release_date": "2023-10-09T22:00:00Z", "title": "CVE-2021-45117" } ] }
wid-sec-w-2023-2603
Vulnerability from csaf_certbund
Published
2023-10-09 22:00
Modified
2023-10-09 22:00
Summary
Siemens SICAM: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Siemens SICAM ist eine Produktfamilie von SCADA-Systemen für den Betrieb von industriellen Prozessen.
Angriff
Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Siemens SICAM ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen, seine Privilegien zu erweitern und Daten zu manipulieren.
Betroffene Betriebssysteme
- BIOS/Firmware
- Hardware Appliance
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Siemens SICAM ist eine Produktfamilie von SCADA-Systemen f\u00fcr den Betrieb von industriellen Prozessen.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Siemens SICAM ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, seine Privilegien zu erweitern und Daten zu manipulieren.", "title": "Angriff" }, { "category": "general", "text": "- BIOS/Firmware\n- Hardware Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-2603 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2603.json" }, { "category": "self", "summary": "WID-SEC-2023-2603 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2603" }, { "category": "external", "summary": "Siemens Security Advisory vom 2023-10-09", "url": "https://cert-portal.siemens.com/productcert/html/ssa-285795.html" }, { "category": "external", "summary": "Siemens Security Advisory vom 2023-10-09", "url": "https://cert-portal.siemens.com/productcert/html/ssa-784849.html" }, { "category": "external", "summary": "Siemens Security Advisory vom 2023-10-09", "url": "https://cert-portal.siemens.com/productcert/html/ssa-770890.html" }, { "category": "external", "summary": "Siemens Security Advisory vom 2023-10-09", "url": "https://cert-portal.siemens.com/productcert/html/ssa-134651.html" }, { "category": "external", "summary": "Siemens Security Advisory vom 2023-10-09", "url": "https://cert-portal.siemens.com/productcert/html/ssa-035466.html" } ], "source_lang": "en-US", "title": "Siemens SICAM: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-10-09T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:47:17.112+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-2603", "initial_release_date": "2023-10-09T22:00:00.000+00:00", "revision_history": [ { "date": "2023-10-09T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Siemens SICAM A8000", "product": { "name": "Siemens SICAM A8000", "product_id": "T024199", "product_identification_helper": { "cpe": "cpe:/h:siemens:sicam:a8000" } } }, { "category": "product_name", "name": "Siemens SICAM PAS", "product": { "name": "Siemens SICAM PAS", "product_id": "T030347", "product_identification_helper": { "cpe": "cpe:/h:siemens:sicam:pas" } } }, { "category": "product_name", "name": "Siemens SICAM PQS", "product": { "name": "Siemens SICAM PQS", "product_id": "T030348", "product_identification_helper": { "cpe": "cpe:/h:siemens:sicam:pqs" } } }, { "category": "product_name", "name": "Siemens SICAM CP", "product": { "name": "Siemens SICAM CP", "product_id": "T030349", "product_identification_helper": { "cpe": "cpe:/h:siemens:sicam:cp" } } }, { "category": "product_name", "name": "Siemens SICAM HMI Comfort Outdoor Panels", "product": { "name": "Siemens SICAM HMI Comfort Outdoor Panels", "product_id": "T030350", "product_identification_helper": { "cpe": "cpe:/h:siemens:sicam:hmi_comfort_outdoor_panels" } } }, { "category": "product_name", "name": "Siemens SICAM HMI KTP Mobile Panels", "product": { "name": "Siemens SICAM HMI KTP Mobile Panels", "product_id": "T030351", "product_identification_helper": { "cpe": "cpe:/h:siemens:sicam:hmi_ktp_mobile_panels" } } }, { "category": "product_name", "name": "Siemens SICAM NET PC Software", "product": { "name": "Siemens SICAM NET PC Software", "product_id": "T030352", "product_identification_helper": { "cpe": "cpe:/h:siemens:sicam:net_pc_software" } } } ], "category": "product_name", "name": "SICAM" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-45205", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Siemens SICAM Ger\u00e4ten. Die Fehler bestehen unter anderem aufgrund von unsicheren Berechtigungen, einer hartkodierten ID, einem Directory Traversal und einem unzureichenden Control Mapping. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030347", "T030349", "T030348", "T030350", "T024199", "T030352", "T030351" ] }, "release_date": "2023-10-09T22:00:00Z", "title": "CVE-2023-45205" }, { "cve": "CVE-2023-42796", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Siemens SICAM Ger\u00e4ten. Die Fehler bestehen unter anderem aufgrund von unsicheren Berechtigungen, einer hartkodierten ID, einem Directory Traversal und einem unzureichenden Control Mapping. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030347", "T030349", "T030348", "T030350", "T024199", "T030352", "T030351" ] }, "release_date": "2023-10-09T22:00:00Z", "title": "CVE-2023-42796" }, { "cve": "CVE-2023-38640", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Siemens SICAM Ger\u00e4ten. Die Fehler bestehen unter anderem aufgrund von unsicheren Berechtigungen, einer hartkodierten ID, einem Directory Traversal und einem unzureichenden Control Mapping. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030347", "T030349", "T030348", "T030350", "T024199", "T030352", "T030351" ] }, "release_date": "2023-10-09T22:00:00Z", "title": "CVE-2023-38640" }, { "cve": "CVE-2023-37195", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Siemens SICAM Ger\u00e4ten. Die Fehler bestehen unter anderem aufgrund von unsicheren Berechtigungen, einer hartkodierten ID, einem Directory Traversal und einem unzureichenden Control Mapping. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030347", "T030349", "T030348", "T030350", "T024199", "T030352", "T030351" ] }, "release_date": "2023-10-09T22:00:00Z", "title": "CVE-2023-37195" }, { "cve": "CVE-2023-37194", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Siemens SICAM Ger\u00e4ten. Die Fehler bestehen unter anderem aufgrund von unsicheren Berechtigungen, einer hartkodierten ID, einem Directory Traversal und einem unzureichenden Control Mapping. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030347", "T030349", "T030348", "T030350", "T024199", "T030352", "T030351" ] }, "release_date": "2023-10-09T22:00:00Z", "title": "CVE-2023-37194" }, { "cve": "CVE-2023-36380", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Siemens SICAM Ger\u00e4ten. Die Fehler bestehen unter anderem aufgrund von unsicheren Berechtigungen, einer hartkodierten ID, einem Directory Traversal und einem unzureichenden Control Mapping. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030347", "T030349", "T030348", "T030350", "T024199", "T030352", "T030351" ] }, "release_date": "2023-10-09T22:00:00Z", "title": "CVE-2023-36380" }, { "cve": "CVE-2021-45117", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Siemens SICAM Ger\u00e4ten. Die Fehler bestehen unter anderem aufgrund von unsicheren Berechtigungen, einer hartkodierten ID, einem Directory Traversal und einem unzureichenden Control Mapping. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, seine Privilegien zu erweitern und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030347", "T030349", "T030348", "T030350", "T024199", "T030352", "T030351" ] }, "release_date": "2023-10-09T22:00:00Z", "title": "CVE-2021-45117" } ] }
ICSA-22-132-08
Vulnerability from csaf_cisa
Published
2022-05-12 00:00
Modified
2022-05-12 00:00
Summary
Siemens Industrial Products with OPC UA
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of this vulnerability could crash the device by sending uncertain status code in a response message.
Critical infrastructure sectors
Multiple Sectors
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target this vulnerability.
{ "document": { "acknowledgments": [ { "organization": "Siemens", "summary": "reporting this vulnerability to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of this vulnerability could crash the device by sending uncertain status code in a response message.", "title": "Risk evaluation" }, { "category": "other", "text": "Multiple Sectors", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Germany", "title": "Company headquarters location" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", "title": "Additional Resources" }, { "category": "other", "text": "No known public exploits specifically target this vulnerability.", "title": "Exploitability" } ], "publisher": { "category": "coordinator", "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "external", "summary": "SSA-285795: Denial of Service in OPC-UA in Industrial Products - CSAF Version", "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-285795.json" }, { "category": "self", "summary": "ICS Advisory ICSA-22-132-08 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-132-08.json" }, { "category": "self", "summary": "ICS Advisory ICSA-22-132-08 Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-132-08" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B" }, { "category": "external", "summary": "SSA-285795: Denial of Service in OPC-UA in Industrial Products - PDF Version", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf" }, { "category": "external", "summary": "SSA-285795: Denial of Service in OPC-UA in Industrial Products - TXT Version", "url": "https://cert-portal.siemens.com/productcert/txt/ssa-285795.txt" } ], "title": "Siemens Industrial Products with OPC UA", "tracking": { "current_release_date": "2022-05-12T00:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-22-132-08", "initial_release_date": "2022-05-12T00:00:00.000000Z", "revision_history": [ { "date": "2022-05-12T00:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "ICSA-22-132-08 Siemens Industrial Products with OPC UA" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c V17 Update 5", "product": { "name": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c V17 Update 5", "product": { "name": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)", "product_id": "CSAFPID-0002" } } ], "category": "product_name", "name": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c V17 Update 5", "product": { "name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F", "product_id": "CSAFPID-0003" } } ], "category": "product_name", "name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F" }, { "branches": [ { "category": "product_version_range", "name": "\u003c V14 SP1 Update 14", "product": { "name": "SIMATIC NET PC Software V14", "product_id": "CSAFPID-0004" } } ], "category": "product_name", "name": "SIMATIC NET PC Software V14" }, { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "SIMATIC NET PC Software V15", "product_id": "CSAFPID-0005" } } ], "category": "product_name", "name": "SIMATIC NET PC Software V15" }, { "branches": [ { "category": "product_version_range", "name": "\u003c V16 Update 6", "product": { "name": "SIMATIC NET PC Software V16", "product_id": "CSAFPID-0006" } } ], "category": "product_name", "name": "SIMATIC NET PC Software V16" }, { "branches": [ { "category": "product_version_range", "name": "\u003c V17 SP1", "product": { "name": "SIMATIC NET PC Software V17", "product_id": "CSAFPID-0007" } } ], "category": "product_name", "name": "SIMATIC NET PC Software V17" }, { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "SITOP Manager", "product_id": "CSAFPID-0008" } } ], "category": "product_name", "name": "SITOP Manager" }, { "branches": [ { "category": "product_version_range", "name": "\u003c V3.1.1", "product": { "name": "TeleControl Server Basic V3", "product_id": "CSAFPID-0009" } } ], "category": "product_name", "name": "TeleControl Server Basic V3" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-45117", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "The OPC UA ANSIC Stack (also called Legacy C-Stack) was reported to crash when an unexpected OPC UA Response message status code was accessed via the synchronous Client API. The vulnerability was found in generated code of the OPC Foundation C-Stack. An unexpected status code in response message will dereference Null pointer leading to crash, ping of death (PoD). This affects a client, but it might also affect a server when it uses OpcUa_ClientApi_RegisterServer (e.g. register at LDS). A specially crafted UA server, or Man in the Middle attacker, can cause the OPC UA application to crash by sending uncertain status code in response message.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45117" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Do not use OPC client feature to connect via untrusted networks or to untrusted OPC-UA communication partners", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "mitigation", "details": "Use VPN for protecting network communication between cells", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "no_fix_planned", "details": "Currently no fix is planned", "product_ids": [ "CSAFPID-0005" ] }, { "category": "none_available", "details": "Currently no fix is available", "product_ids": [ "CSAFPID-0008" ] }, { "category": "vendor_fix", "details": "Update to V17 SP1 or later version", "product_ids": [ "CSAFPID-0007" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109808270/" }, { "category": "vendor_fix", "details": "Update to V14 SP1 Update 14 or later version", "product_ids": [ "CSAFPID-0004" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109807351/" }, { "category": "vendor_fix", "details": "Update to V16 Update 6 or later version", "product_ids": [ "CSAFPID-0006" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109811815/" }, { "category": "vendor_fix", "details": "Update to V3.1.1 or later version", "product_ids": [ "CSAFPID-0009" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812231/" }, { "category": "vendor_fix", "details": "Update SIMATIC WinCC (TIA Portal) to V17 Update 5 or newer, and then update panel to V17 Update 5 or newer", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109746530/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] } ], "title": "CVE-2021-45117" } ] }
icsa-22-132-08
Vulnerability from csaf_cisa
Published
2022-05-12 00:00
Modified
2022-05-12 00:00
Summary
Siemens Industrial Products with OPC UA
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of this vulnerability could crash the device by sending uncertain status code in a response message.
Critical infrastructure sectors
Multiple Sectors
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target this vulnerability.
{ "document": { "acknowledgments": [ { "organization": "Siemens", "summary": "reporting this vulnerability to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of this vulnerability could crash the device by sending uncertain status code in a response message.", "title": "Risk evaluation" }, { "category": "other", "text": "Multiple Sectors", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Germany", "title": "Company headquarters location" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", "title": "Additional Resources" }, { "category": "other", "text": "No known public exploits specifically target this vulnerability.", "title": "Exploitability" } ], "publisher": { "category": "coordinator", "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "external", "summary": "SSA-285795: Denial of Service in OPC-UA in Industrial Products - CSAF Version", "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-285795.json" }, { "category": "self", "summary": "ICS Advisory ICSA-22-132-08 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-132-08.json" }, { "category": "self", "summary": "ICS Advisory ICSA-22-132-08 Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-132-08" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B" }, { "category": "external", "summary": "SSA-285795: Denial of Service in OPC-UA in Industrial Products - PDF Version", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf" }, { "category": "external", "summary": "SSA-285795: Denial of Service in OPC-UA in Industrial Products - TXT Version", "url": "https://cert-portal.siemens.com/productcert/txt/ssa-285795.txt" } ], "title": "Siemens Industrial Products with OPC UA", "tracking": { "current_release_date": "2022-05-12T00:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-22-132-08", "initial_release_date": "2022-05-12T00:00:00.000000Z", "revision_history": [ { "date": "2022-05-12T00:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "ICSA-22-132-08 Siemens Industrial Products with OPC UA" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c V17 Update 5", "product": { "name": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c V17 Update 5", "product": { "name": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)", "product_id": "CSAFPID-0002" } } ], "category": "product_name", "name": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)" }, { "branches": [ { "category": "product_version_range", "name": "\u003c V17 Update 5", "product": { "name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F", "product_id": "CSAFPID-0003" } } ], "category": "product_name", "name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F" }, { "branches": [ { "category": "product_version_range", "name": "\u003c V14 SP1 Update 14", "product": { "name": "SIMATIC NET PC Software V14", "product_id": "CSAFPID-0004" } } ], "category": "product_name", "name": "SIMATIC NET PC Software V14" }, { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "SIMATIC NET PC Software V15", "product_id": "CSAFPID-0005" } } ], "category": "product_name", "name": "SIMATIC NET PC Software V15" }, { "branches": [ { "category": "product_version_range", "name": "\u003c V16 Update 6", "product": { "name": "SIMATIC NET PC Software V16", "product_id": "CSAFPID-0006" } } ], "category": "product_name", "name": "SIMATIC NET PC Software V16" }, { "branches": [ { "category": "product_version_range", "name": "\u003c V17 SP1", "product": { "name": "SIMATIC NET PC Software V17", "product_id": "CSAFPID-0007" } } ], "category": "product_name", "name": "SIMATIC NET PC Software V17" }, { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "SITOP Manager", "product_id": "CSAFPID-0008" } } ], "category": "product_name", "name": "SITOP Manager" }, { "branches": [ { "category": "product_version_range", "name": "\u003c V3.1.1", "product": { "name": "TeleControl Server Basic V3", "product_id": "CSAFPID-0009" } } ], "category": "product_name", "name": "TeleControl Server Basic V3" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-45117", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "The OPC UA ANSIC Stack (also called Legacy C-Stack) was reported to crash when an unexpected OPC UA Response message status code was accessed via the synchronous Client API. The vulnerability was found in generated code of the OPC Foundation C-Stack. An unexpected status code in response message will dereference Null pointer leading to crash, ping of death (PoD). This affects a client, but it might also affect a server when it uses OpcUa_ClientApi_RegisterServer (e.g. register at LDS). A specially crafted UA server, or Man in the Middle attacker, can cause the OPC UA application to crash by sending uncertain status code in response message.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45117" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Do not use OPC client feature to connect via untrusted networks or to untrusted OPC-UA communication partners", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "mitigation", "details": "Use VPN for protecting network communication between cells", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] }, { "category": "no_fix_planned", "details": "Currently no fix is planned", "product_ids": [ "CSAFPID-0005" ] }, { "category": "none_available", "details": "Currently no fix is available", "product_ids": [ "CSAFPID-0008" ] }, { "category": "vendor_fix", "details": "Update to V17 SP1 or later version", "product_ids": [ "CSAFPID-0007" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109808270/" }, { "category": "vendor_fix", "details": "Update to V14 SP1 Update 14 or later version", "product_ids": [ "CSAFPID-0004" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109807351/" }, { "category": "vendor_fix", "details": "Update to V16 Update 6 or later version", "product_ids": [ "CSAFPID-0006" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109811815/" }, { "category": "vendor_fix", "details": "Update to V3.1.1 or later version", "product_ids": [ "CSAFPID-0009" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109812231/" }, { "category": "vendor_fix", "details": "Update SIMATIC WinCC (TIA Portal) to V17 Update 5 or newer, and then update panel to V17 Update 5 or newer", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109746530/" }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009" ] } ], "title": "CVE-2021-45117" } ] }
gsd-2021-45117
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2021-45117", "description": "The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference.", "id": "GSD-2021-45117" }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2021-45117" ], "details": "The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference.", "id": "GSD-2021-45117", "modified": "2023-12-13T01:23:20.024216Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-45117", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.youtube.com/watch?v=qv-RBdCaV4k", "refsource": "MISC", "url": "https://www.youtube.com/watch?v=qv-RBdCaV4k" }, { "name": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf", "refsource": "MISC", "url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "\u003c1.05.01", "affected_versions": "All versions before 1.05.01", "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "cwe_ids": [ "CWE-1035", "CWE-476", "CWE-937" ], "date": "2022-09-05", "description": "The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference.", "fixed_versions": [ "1.05.01" ], "identifier": "CVE-2021-45117", "identifiers": [ "CVE-2021-45117" ], "not_impacted": "All versions starting from 1.05.01", "package_slug": "conan/ua-nodeset", "pubdate": "2022-03-21", "solution": "Upgrade to version 1.05.01 or above, please note 1.05.01 is not yet available on conan.io.", "title": "NULL Pointer Dereference", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2021-45117", "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf", "https://www.youtube.com/watch?v=qv-RBdCaV4k" ], "uuid": "e9394b1a-ea76-44b5-bb4b-18a592eb75c8" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:opcfoundation:ua-nodeset:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.05.01", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:15:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:14:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sitop_manager:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:telecontrol_server_basic:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:17:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-45117" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-476" } ] } ] }, "references": { "reference_data": [ { "name": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf", "refsource": "MISC", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf" }, { "name": "https://www.youtube.com/watch?v=qv-RBdCaV4k", "refsource": "MISC", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://www.youtube.com/watch?v=qv-RBdCaV4k" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf", "refsource": "CONFIRM", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6 } }, "lastModifiedDate": "2022-09-03T03:55Z", "publishedDate": "2022-03-21T15:15Z" } } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.