var-202305-0430
Vulnerability from variot
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The web based management of affected devices does not properly validate user input, making it susceptible to command injection. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges. Siemens' 6gk1411-1ac00 firmware and 6gk1411-5ac00 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SIMATIC Cloud Connect 7 is an IoT gateway for connecting programmable logic controllers to cloud services and allows field devices to be interfaced with OPC UA servers as OPC UA clients
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202305-0430", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "6gk1411-5ac00", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "6gk1411-1ac00", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "6gk1411-5ac00", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6gk1411-1ac00", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cloud connect cc716", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003e=v2.0,\u003cv2.1" }, { "model": "simatic cloud connect cc712", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003e=v2.0,\u003cv2.1" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-35774" }, { "db": "JVNDB", "id": "JVNDB-2023-009653" }, { "db": "NVD", "id": "CVE-2023-28832" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:6gk1411-1ac00_firmware:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:6gk1411-1ac00:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:6gk1411-5ac00_firmware:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:6gk1411-5ac00:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2023-28832" } ] }, "cve": "CVE-2023-28832", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "CNVD-2023-35774", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "productcert@siemens.com", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.2, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "OTHER", "availabilityImpact": "High", "baseScore": 7.2, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2023-009653", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "High", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "productcert@siemens.com", "id": "CVE-2023-28832", "trust": 1.0, "value": "HIGH" }, { "author": "OTHER", "id": "JVNDB-2023-009653", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2023-35774", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202305-650", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-35774" }, { "db": "JVNDB", "id": "JVNDB-2023-009653" }, { "db": "NVD", "id": "CVE-2023-28832" }, { "db": "CNNVD", "id": "CNNVD-202305-650" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions \u003e= V2.0 \u003c V2.1), SIMATIC Cloud Connect 7 CC716 (All versions \u003e= V2.0 \u003c V2.1). The web based management of affected devices does not properly validate user input, making it susceptible to command injection. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges. Siemens\u0027 6gk1411-1ac00 firmware and 6gk1411-5ac00 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SIMATIC Cloud Connect 7 is an IoT gateway for connecting programmable logic controllers to cloud services and allows field devices to be interfaced with OPC UA servers as OPC UA clients", "sources": [ { "db": "NVD", "id": "CVE-2023-28832" }, { "db": "JVNDB", "id": "JVNDB-2023-009653" }, { "db": "CNVD", "id": "CNVD-2023-35774" }, { "db": "VULMON", "id": "CVE-2023-28832" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-28832", "trust": 3.9 }, { "db": "SIEMENS", "id": "SSA-555292", "trust": 3.1 }, { "db": "JVN", "id": "JVNVU98195668", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-23-131-04", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2023-009653", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2023-35774", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202305-650", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2023-28832", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-35774" }, { "db": "VULMON", "id": "CVE-2023-28832" }, { "db": "JVNDB", "id": "JVNDB-2023-009653" }, { "db": "NVD", "id": "CVE-2023-28832" }, { "db": "CNNVD", "id": "CNNVD-202305-650" } ] }, "id": "VAR-202305-0430", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2023-35774" } ], "trust": 0.06 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-35774" } ] }, "last_update_date": "2023-12-18T11:04:49.433000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Siemens SIMATIC Cloud Connect 7 Command Injection Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/424686" }, { "title": "Siemens SIMATIC Cloud Connect Fixes for command injection vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=237051" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-35774" }, { "db": "CNNVD", "id": "CNNVD-202305-650" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-77", "trust": 1.0 }, { "problemtype": "Command injection (CWE-77) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009653" }, { "db": "NVD", "id": "CVE-2023-28832" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-555292.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-28832" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu98195668/" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-04" }, { "trust": 0.6, "url": "https://cert-portal.siemens.com/productcert/html/ssa-555292.html" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2023-28832/" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/77.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-35774" }, { "db": "VULMON", "id": "CVE-2023-28832" }, { "db": "JVNDB", "id": "JVNDB-2023-009653" }, { "db": "NVD", "id": "CVE-2023-28832" }, { "db": "CNNVD", "id": "CNNVD-202305-650" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2023-35774" }, { "db": "VULMON", "id": "CVE-2023-28832" }, { "db": "JVNDB", "id": "JVNDB-2023-009653" }, { "db": "NVD", "id": "CVE-2023-28832" }, { "db": "CNNVD", "id": "CNNVD-202305-650" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-05-10T00:00:00", "db": "CNVD", "id": "CNVD-2023-35774" }, { "date": "2023-05-09T00:00:00", "db": "VULMON", "id": "CVE-2023-28832" }, { "date": "2023-12-06T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-009653" }, { "date": "2023-05-09T13:15:17.373000", "db": "NVD", "id": "CVE-2023-28832" }, { "date": "2023-05-09T00:00:00", "db": "CNNVD", "id": "CNNVD-202305-650" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-05-10T00:00:00", "db": "CNVD", "id": "CNVD-2023-35774" }, { "date": "2023-05-09T00:00:00", "db": "VULMON", "id": "CVE-2023-28832" }, { "date": "2023-12-06T05:17:00", "db": "JVNDB", "id": "JVNDB-2023-009653" }, { "date": "2023-05-15T18:49:38.067000", "db": "NVD", "id": "CVE-2023-28832" }, { "date": "2023-05-11T00:00:00", "db": "CNNVD", "id": "CNNVD-202305-650" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202305-650" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens\u0027 \u00a06gk1411-1ac00\u00a0 firmware and \u00a06gk1411-5ac00\u00a0 Command injection vulnerability in firmware", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-009653" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "command injection", "sources": [ { "db": "CNNVD", "id": "CNNVD-202305-650" } ], "trust": 0.6 } }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.