ICSA-17-180-01A

Vulnerability from csaf_cisa - Published: 2017-06-29 00:00 - Updated: 2017-07-11 00:00
Summary
ICSA-17-180-01A_Siemens SIMATIC Industrial PCs, SINUMERIK Panel Control Unit, and SIMOTION P320 (Update A)

Notes

CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Summary
Maksim Malyutin from Embedi reported this issue to Intel.
Exploitability
No known public exploits specifically target this vulnerability.
To clipboard 

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Maksim Malyutin"
        ],
        "organization": "Embedi",
        "summary": "reporting this issue to Intel"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "summary",
        "text": "Maksim Malyutin from Embedi reported this issue to Intel.",
        "title": "Summary"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "CISAservicedesk@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-180-01A JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-180-01a.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-180-01A Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-180-01a"
      }
    ],
    "title": "ICSA-17-180-01A_Siemens SIMATIC Industrial PCs, SINUMERIK Panel Control Unit, and SIMOTION P320 (Update A)",
    "tracking": {
      "current_release_date": "2017-07-11T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA USCert CSAF Generator",
          "version": "1"
        }
      },
      "id": "ICSA-17-180-01A",
      "initial_release_date": "2017-06-29T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2017-06-29T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-17-180-01 Siemens SIMATIC Industrial PCs, SINUMERIK Panel Control Unit (PCU), SIMOTION P320"
        },
        {
          "date": "2017-07-11T00:00:00.000000Z",
          "legacy_version": "A",
          "number": "2",
          "summary": "ICSA-17-180-01A Siemens products with Intel processors (Update A)"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Intel Core i5 Intel Core i7 | Intel XEON",
                "product": {
                  "name": "SINUMERIK Panel Control Unit (PCU): (Intel Core i5 Intel Core i7 and Intel XEON)",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "SINUMERIK Panel Control Unit (PCU)"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Intel Core i5 Intel Core i7 | Intel XEON",
                "product": {
                  "name": "SIMATIC Industrial PCs: (Intel Core i5 Intel Core i7 and Intel XEON)",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC Industrial PCs"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Intel Core i5 Intel Core i7 | Intel XEON",
                "product": {
                  "name": "SIMOTION P320: (Intel Core i5 Intel Core i7 and Intel XEON)",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMOTION P320"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5689",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Unprivileged local or remote attackers can gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM) and Intel Small Business Technology (SBT).CVE-2017-5689 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Siemens has provided firmware updates for the affected industrial PCs to address this vulnerability. These updates can be found on their web site at the following location:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2017-5689"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.