Vulnerabilites related to siemens - simatic_s7-300_cpu_315f-2_pn_firmware
Vulnerability from fkie_nvd
Published
2020-11-12 20:15
Modified
2024-11-21 05:06
Severity ?
Summary
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC TDC CPU555 (All versions), SINUMERIK 840D sl (All versions). Sending multiple specially crafted packets to the affected devices could cause a Denial-of-Service on port 102. A cold restart is required to recover the service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-492828.pdf | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-492828.pdf | Mitigation, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07F5B314-ED39-4B8C-BF45-010BC1AB2F6C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinumerik_840d_sl:-:*:*:*:*:*:*:*", matchCriteriaId: "765286DF-07EC-4C7A-AB8C-09559CD977EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_312_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F6EF8A28-8B05-46C2-911F-37AE46E04743", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_312:-:*:*:*:*:*:*:*", matchCriteriaId: "4FB328F8-3E03-440B-AB5C-ADA1D4F07F0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_314_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDD1105D-F909-4383-8490-66891609FDC7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_314:-:*:*:*:*:*:*:*", matchCriteriaId: "78399465-EED5-4EBD-A2E1-6FE0BD01EDB4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_315-2_dp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07DC9E02-9B48-496E-8656-68CFFD399F1B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_315-2_dp:-:*:*:*:*:*:*:*", matchCriteriaId: "E8FD8E6D-0527-4215-B6F0-5824011433FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_315-2_pn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FEC66966-6794-4A83-A425-4BC8911392B8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_315-2_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "1F007420-6EF7-4ECF-9CBE-BABF39B3EE3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_317-2_pn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "581B9FCA-43EC-4BF3-B836-BBD9635EA8C9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_317-2_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "40F856D9-7954-4EE1-B5DA-18DFE21069AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_317-2_dp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F0B56C44-3148-4612-9543-9F96DF0142A6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_317-2_dp:-:*:*:*:*:*:*:*", matchCriteriaId: "7593F136-F558-4C3D-8429-5141A621981B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_315f-2_dp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4D67C040-2D94-4872-98F9-B4B08290DD03", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_315f-2_dp:-:*:*:*:*:*:*:*", matchCriteriaId: "BD7AE84F-1476-4E2C-9E2B-0EDAEFE9EDA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_315f-2_pn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "694D542E-3E4F-4B6B-BD87-11EDD6C60527", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_315f-2_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "50798314-D77E-48C9-B608-0F7A72C88138", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_317f-2_pn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CD47DCD2-068E-43E0-AEF8-71E9941FA816", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_317f-2_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "2713CAFF-4B49-48DF-A475-02D280927113", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_317f-2_dp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7F1F77B-37E4-4929-BA60-C631067BE843", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_317f-2_dp:-:*:*:*:*:*:*:*", matchCriteriaId: "B30FDCBC-62BC-43AC-BC92-A44D79525215", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_tdc_cpu555_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2D9C7D4A-F989-4B01-8FFD-5B5859F42D43", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_tdc_cpu555:-:*:*:*:*:*:*:*", matchCriteriaId: "AE6AB995-D67B-43E5-B8FF-97C38D20CB10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC TDC CPU555 (All versions), SINUMERIK 840D sl (All versions). Sending multiple specially crafted packets to the affected devices could cause a Denial-of-Service on port 102. A cold restart is required to recover the service.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en la familia de CPUs SIMATIC S7-300 (incluidas las CPUs ET200 relacionadas y las variantes SIPLUS) (Todas las versiones), SIMATIC TDC CPU555 (Todas las versiones), SINUMERIK 840D sl (Todas las versiones). El envío de múltiples paquetes especialmente diseñados a los dispositivos afectados podría causar una denegación de servicio en el puerto 102. Se requiere un reinicio en frío para recuperar el servicio", }, ], id: "CVE-2020-15783", lastModified: "2024-11-21T05:06:10.283", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-11-12T20:15:16.343", references: [ { source: "productcert@siemens.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-492828.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-492828.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-400", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-09-09 19:15
Modified
2024-11-21 05:06
Severity ?
Summary
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions), SINUMERIK 840D sl (All versions). The authentication protocol between a client and a PLC via port 102/tcp (ISO-TSAP) insufficiently protects the transmitted password. This could allow an attacker that is able to intercept the network traffic to obtain valid PLC credentials.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_312_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F6EF8A28-8B05-46C2-911F-37AE46E04743", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_312:-:*:*:*:*:*:*:*", matchCriteriaId: "4FB328F8-3E03-440B-AB5C-ADA1D4F07F0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_314_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDD1105D-F909-4383-8490-66891609FDC7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_314:-:*:*:*:*:*:*:*", matchCriteriaId: "78399465-EED5-4EBD-A2E1-6FE0BD01EDB4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_315-2_dp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07DC9E02-9B48-496E-8656-68CFFD399F1B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_315-2_dp:-:*:*:*:*:*:*:*", matchCriteriaId: "E8FD8E6D-0527-4215-B6F0-5824011433FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_315-2_pn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FEC66966-6794-4A83-A425-4BC8911392B8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_315-2_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "1F007420-6EF7-4ECF-9CBE-BABF39B3EE3F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_317-2_pn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "581B9FCA-43EC-4BF3-B836-BBD9635EA8C9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_317-2_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "40F856D9-7954-4EE1-B5DA-18DFE21069AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_317-2_dp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F0B56C44-3148-4612-9543-9F96DF0142A6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_317-2_dp:-:*:*:*:*:*:*:*", matchCriteriaId: "7593F136-F558-4C3D-8429-5141A621981B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_315f-2_dp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4D67C040-2D94-4872-98F9-B4B08290DD03", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_315f-2_dp:-:*:*:*:*:*:*:*", matchCriteriaId: "BD7AE84F-1476-4E2C-9E2B-0EDAEFE9EDA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_315f-2_pn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "694D542E-3E4F-4B6B-BD87-11EDD6C60527", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_315f-2_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "50798314-D77E-48C9-B608-0F7A72C88138", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_317f-2_pn_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CD47DCD2-068E-43E0-AEF8-71E9941FA816", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_317f-2_pn:-:*:*:*:*:*:*:*", matchCriteriaId: "2713CAFF-4B49-48DF-A475-02D280927113", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-300_cpu_317f-2_dp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7F1F77B-37E4-4929-BA60-C631067BE843", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-300_cpu_317f-2_dp:-:*:*:*:*:*:*:*", matchCriteriaId: "B30FDCBC-62BC-43AC-BC92-A44D79525215", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-400_cpu_412_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D74D138-6C3A-4E20-9B29-6C9A573A6D32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-400_cpu_412:-:*:*:*:*:*:*:*", matchCriteriaId: "FD7BD15E-6FB2-489A-A48B-C80021029AE5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-400_cpu_414_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33B29F2B-AC3D-49CE-9573-DCAB9169EA61", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-400_cpu_414:-:*:*:*:*:*:*:*", matchCriteriaId: "CE95DD6B-F615-47E5-A028-DE6DA7B32B16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-400_cpu_416_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50F9C422-E902-4890-9CED-3213E696ABE8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-400_cpu_416:-:*:*:*:*:*:*:*", matchCriteriaId: "0D439724-FC4C-4006-BB0C-0DBEA89693A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-400_cpu_417_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "26FB5714-01AF-4E98-84E9-56FF70DBB412", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-400_cpu_417:-:*:*:*:*:*:*:*", matchCriteriaId: "BA54AD7F-9D9D-479B-9E67-20378AB8E5A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions), SINUMERIK 840D sl (All versions). The authentication protocol between a client and a PLC via port 102/tcp (ISO-TSAP) insufficiently protects the transmitted password. This could allow an attacker that is able to intercept the network traffic to obtain valid PLC credentials.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en la familia de SIMATIC S7-300 CPU (incluyendo las CPU ET200 relacionadas y las variantes SIPLUS) (Todas las versiones), familia SIMATIC S7-400 CPU (incluyendo las variantes SIPLUS) (Todas las versiones), SIMATIC WinAC RTX (F) 2010 (Todas las versiones), SINUMERIK 840D sl (Todas las versiones). El protocolo de autenticación entre un cliente y un PLC por medio del puerto 102/tcp (ISO-TSAP) no protege suficientemente la contraseña transmitida. Esto podría permitir a un atacante que pueda interceptar el tráfico de red obtener credenciales del PLC válidas", }, ], id: "CVE-2020-15791", lastModified: "2024-11-21T05:06:11.270", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-09T19:15:20.663", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-381684.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-381684.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-522", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-522", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
cve-2020-15791
Vulnerability from cvelistv5
Published
2020-09-09 18:13
Modified
2024-08-04 13:22
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions), SINUMERIK 840D sl (All versions). The authentication protocol between a client and a PLC via port 102/tcp (ISO-TSAP) insufficiently protects the transmitted password. This could allow an attacker that is able to intercept the network traffic to obtain valid PLC credentials.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-381684.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) |
Version: All versions |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T13:22:30.753Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-381684.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC S7-400 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinAC RTX (F) 2010", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SINUMERIK 840D sl", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions), SINUMERIK 840D sl (All versions). The authentication protocol between a client and a PLC via port 102/tcp (ISO-TSAP) insufficiently protects the transmitted password. This could allow an attacker that is able to intercept the network traffic to obtain valid PLC credentials.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-522", description: "CWE-522: Insufficiently Protected Credentials", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-14T21:05:18", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-381684.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2020-15791", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC S7-400 CPU family (incl. SIPLUS variants)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC WinAC RTX (F) 2010", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SINUMERIK 840D sl", version: { version_data: [ { version_value: "All versions", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions), SINUMERIK 840D sl (All versions). The authentication protocol between a client and a PLC via port 102/tcp (ISO-TSAP) insufficiently protects the transmitted password. This could allow an attacker that is able to intercept the network traffic to obtain valid PLC credentials.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-522: Insufficiently Protected Credentials", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-381684.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-381684.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-15791", datePublished: "2020-09-09T18:13:11", dateReserved: "2020-07-15T00:00:00", dateUpdated: "2024-08-04T13:22:30.753Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-15783
Vulnerability from cvelistv5
Published
2020-11-12 19:21
Modified
2024-08-04 13:22
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC TDC CPU555 (All versions), SINUMERIK 840D sl (All versions). Sending multiple specially crafted packets to the affected devices could cause a Denial-of-Service on port 102. A cold restart is required to recover the service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-492828.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) |
Version: All versions |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T13:22:30.725Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-492828.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC TDC CPU555", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SINUMERIK 840D sl", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC TDC CPU555 (All versions), SINUMERIK 840D sl (All versions). Sending multiple specially crafted packets to the affected devices could cause a Denial-of-Service on port 102. A cold restart is required to recover the service.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400: Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-10T11:16:39", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-492828.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2020-15783", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC TDC CPU555", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SINUMERIK 840D sl", version: { version_data: [ { version_value: "All versions", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC TDC CPU555 (All versions), SINUMERIK 840D sl (All versions). Sending multiple specially crafted packets to the affected devices could cause a Denial-of-Service on port 102. A cold restart is required to recover the service.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-400: Uncontrolled Resource Consumption", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-492828.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-492828.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-15783", datePublished: "2020-11-12T19:21:09", dateReserved: "2020-07-15T00:00:00", dateUpdated: "2024-08-04T13:22:30.725Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }