Vulnerabilites related to siemens - sinamics_starter
cve-2020-7586
Vulnerability from cvelistv5
Published
2020-06-10 16:23
Modified
2024-08-04 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf | x_refsource_MISC | |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-05 | x_refsource_MISC | |
| https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PCS 7 V8.2 and earlier |
Version: All versions |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:33:19.798Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC PCS 7 V8.2 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 SP3", }, ], }, { product: "SIMATIC PDM", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.2", }, ], }, { product: "SIMATIC STEP 7 V5.X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.6 SP2 HF3", }, ], }, { product: "SINAMICS STARTER (containing STEP 7 OEM version)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.4 HF2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "CWE-122: Heap-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-22T20:42:20", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2020-7586", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC PCS 7 V8.2 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V9.0", version: { version_data: [ { version_value: "All versions < V9.0 SP3", }, ], }, }, { product_name: "SIMATIC PDM", version: { version_data: [ { version_value: "All versions < V9.2", }, ], }, }, { product_name: "SIMATIC STEP 7 V5.X", version: { version_data: [ { version_value: "All versions < V5.6 SP2 HF3", }, ], }, }, { product_name: "SINAMICS STARTER (containing STEP 7 OEM version)", version: { version_data: [ { version_value: "All versions < V5.4 HF2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-122: Heap-based Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { name: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", refsource: "MISC", url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, { name: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", refsource: "CONFIRM", url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-7586", datePublished: "2020-06-10T16:23:52", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-08-04T09:33:19.798Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31893
Vulnerability from cvelistv5
Published
2021-07-13 11:02
Modified
2024-08-03 23:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PCS 7 V8.2 and earlier |
Version: All versions |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:10:30.646Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC PCS 7 V8.2 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 SP3", }, ], }, { product: "SIMATIC PDM", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.2", }, ], }, { product: "SIMATIC STEP 7 V5.X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.6 SP2 HF3", }, ], }, { product: "SINAMICS STARTER (containing STEP 7 OEM version)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.4 HF2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-13T11:02:56", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2021-31893", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC PCS 7 V8.2 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V9.0", version: { version_data: [ { version_value: "All versions < V9.0 SP3", }, ], }, }, { product_name: "SIMATIC PDM", version: { version_data: [ { version_value: "All versions < V9.2", }, ], }, }, { product_name: "SIMATIC STEP 7 V5.X", version: { version_data: [ { version_value: "All versions < V5.6 SP2 HF3", }, ], }, }, { product_name: "SINAMICS STARTER (containing STEP 7 OEM version)", version: { version_data: [ { version_value: "All versions < V5.4 HF2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-31893", datePublished: "2021-07-13T11:02:56", dateReserved: "2021-04-29T00:00:00", dateUpdated: "2024-08-03T23:10:30.646Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31894
Vulnerability from cvelistv5
Published
2021-07-13 11:02
Modified
2024-08-03 23:10
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). A directory containing metafiles relevant to devices' configurations has write permissions. An attacker could leverage this vulnerability by changing the content of certain metafiles and subsequently manipulate parameters or behavior of devices that would be later configured by the affected software.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PCS 7 V8.2 and earlier |
Version: All versions |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:10:30.952Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC PCS 7 V8.2 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V9.X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.1 SP2", }, ], }, { product: "SIMATIC PDM", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.2 SP2", }, ], }, { product: "SIMATIC STEP 7 V5.X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.7", }, ], }, { product: "SINAMICS STARTER (containing STEP 7 OEM version)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.4 SP2 HF1", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). A directory containing metafiles relevant to devices' configurations has write permissions. An attacker could leverage this vulnerability by changing the content of certain metafiles and subsequently manipulate parameters or behavior of devices that would be later configured by the affected software.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-732", description: "CWE-732: Incorrect Permission Assignment for Critical Resource", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-10T11:17:00", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2021-31894", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC PCS 7 V8.2 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V9.X", version: { version_data: [ { version_value: "All versions < V9.1 SP2", }, ], }, }, { product_name: "SIMATIC PDM", version: { version_data: [ { version_value: "All versions < V9.2 SP2", }, ], }, }, { product_name: "SIMATIC STEP 7 V5.X", version: { version_data: [ { version_value: "All versions < V5.7", }, ], }, }, { product_name: "SINAMICS STARTER (containing STEP 7 OEM version)", version: { version_data: [ { version_value: "All versions < V5.4 SP2 HF1", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). A directory containing metafiles relevant to devices' configurations has write permissions. An attacker could leverage this vulnerability by changing the content of certain metafiles and subsequently manipulate parameters or behavior of devices that would be later configured by the affected software.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-732: Incorrect Permission Assignment for Critical Resource", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-31894", datePublished: "2021-07-13T11:02:58", dateReserved: "2021-04-29T00:00:00", dateUpdated: "2024-08-03T23:10:30.952Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-7585
Vulnerability from cvelistv5
Published
2020-06-10 16:23
Modified
2024-08-04 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf | x_refsource_MISC | |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-05 | x_refsource_MISC | |
| https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PCS 7 V8.2 and earlier |
Version: All versions |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:33:19.945Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC PCS 7 V8.2 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 SP3", }, ], }, { product: "SIMATIC PDM", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.2", }, ], }, { product: "SIMATIC STEP 7 V5.X", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.6 SP2 HF3", }, ], }, { product: "SINAMICS STARTER (containing STEP 7 OEM version)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.4 HF2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-427", description: "CWE-427: Uncontrolled Search Path Element", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-22T20:42:20", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2020-7585", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC PCS 7 V8.2 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V9.0", version: { version_data: [ { version_value: "All versions < V9.0 SP3", }, ], }, }, { product_name: "SIMATIC PDM", version: { version_data: [ { version_value: "All versions < V9.2", }, ], }, }, { product_name: "SIMATIC STEP 7 V5.X", version: { version_data: [ { version_value: "All versions < V5.6 SP2 HF3", }, ], }, }, { product_name: "SINAMICS STARTER (containing STEP 7 OEM version)", version: { version_data: [ { version_value: "All versions < V5.4 HF2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-427: Uncontrolled Search Path Element", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { name: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", refsource: "MISC", url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, { name: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", refsource: "CONFIRM", url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-7585", datePublished: "2020-06-10T16:23:39", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-08-04T09:33:19.945Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2021-07-13 11:15
Modified
2024-11-21 06:06
Severity ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf | Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_pcs_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7EEA55DF-23A5-4D3D-A2EC-EFFFBD8A7C3F", versionEndIncluding: "8.2", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_pcs_firmware:9.0:-:*:*:*:*:*:*", matchCriteriaId: "81FDDB73-5C1A-448E-A88E-835F04DB8444", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_pcs_firmware:9.0:sp1:*:*:*:*:*:*", matchCriteriaId: "39CC2ACC-62C3-434D-AB36-B73CA7CD5935", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_pcs_firmware:9.0:sp2:*:*:*:*:*:*", matchCriteriaId: "D6FE8718-AC43-4AD8-9226-2382CB588F7F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_pcs:-:*:*:*:*:*:*:*", matchCriteriaId: "5BEAC421-FE31-4F16-8DB1-B816FDD66D64", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_pdm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCE0E117-5AB1-4D65-84CA-1F4A48664C93", versionEndExcluding: "9.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_pdm:-:*:*:*:*:*:*:*", matchCriteriaId: "E092B735-42D5-48D5-947B-288C0FA2E180", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_step_7_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "06CA9ADA-EEEA-4655-93FA-11EF309D869B", versionEndIncluding: "5.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_step_7:-:*:*:*:*:*:*:*", matchCriteriaId: "FB1FE00B-0613-4819-8D50-A5A0B6A190D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ACF25F6B-8DC4-4835-AE2F-2E03D3FA4C8C", versionEndExcluding: "5.4", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:-:*:*:*:*:*:*", matchCriteriaId: "4D01AB88-A23C-4105-9D5C-DEAA8C2AAFE9", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:hotfix_1:*:*:*:*:*:*", matchCriteriaId: "C803017D-BCE6-4638-A54F-D29CA8AE5ABC", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:hotfix_2:*:*:*:*:*:*", matchCriteriaId: "A5900915-29CC-4F36-9622-4E81038CE932", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_starter:-:*:*:*:*:*:*:*", matchCriteriaId: "C3E8B354-CB0D-40F1-BC2B-C2355974C2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 versiones V8.2 y anteriores (Todas las versiones), SIMATIC PCS 7 versiones V9.0 (Todas las versiones anteriores a V9.0 SP3), SIMATIC PDM (Todas las versiones anteriores a V9.2), SIMATIC STEP 7 versiones V5.X (Todas las versiones anteriores a V5.6 SP2 HF3), SINAMICS STARTER (que contiene la versión OEM de STEP 7) (Todas las versiones anteriores a V5.4 HF2). El software afectado contiene una vulnerabilidad de desbordamiento de búfer mientras se manejan determinados archivos que podría permitir a un atacante local desencadenar una condición de denegación de servicio o potencialmente conllevar a una ejecución de código remota", }, ], id: "CVE-2021-31893", lastModified: "2024-11-21T06:06:26.987", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-07-13T11:15:09.527", references: [ { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "productcert@siemens.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-10 17:15
Modified
2024-11-21 05:37
Severity ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf | Vendor Advisory | |
| productcert@siemens.com | https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05 | ||
| productcert@siemens.com | https://www.us-cert.gov/ics/advisories/icsa-20-161-05 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-161-05 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_process_device_manager | * | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | sinamics_starter | * | |
| siemens | sinamics_starter | 5.4 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "13E3BDF0-B691-4A97-A74A-A65EC910480E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_process_device_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "50C02E17-87F5-47DB-B4F3-EFC44B0DFC88", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "CAF09D6E-3375-4731-B16D-30B7592EA5FB", versionEndExcluding: "5.6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:-:*:*:*:*:*:*", matchCriteriaId: "851F8474-4568-487D-98FB-47DF7EAEAC3B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:sp1:*:*:*:*:*:*", matchCriteriaId: "81EADA2F-884C-4D72-8489-71025B3EBAEE", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:sp2:*:*:*:*:*:*", matchCriteriaId: "78366D2F-B728-47F6-B539-5FB2D1B0419D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:sp2_hotfix1:*:*:*:*:*:*", matchCriteriaId: "06A86DA0-BC1F-4306-B02E-ED2FA36BE273", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinamics_starter:*:*:*:*:*:*:*:*", matchCriteriaId: "23020179-5112-48A8-BA76-EB6C073867BF", versionEndExcluding: "5.4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinamics_starter:5.4:-:*:*:*:*:*:*", matchCriteriaId: "E04348B3-6DAC-49E2-A612-FE0A3166776B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 versión V8.2 y anteriores (Todas las versiones), SIMATIC PCS 7 V9.0 (Todas las versiones anteriores a V9.0 SP3), SIMATIC PDM (Todas las versiones anteriores a V9.2), SIMATIC STEP 7 V5.X (Todas las versiones anteriores a V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (Todas las versiones anteriores a V5.4 HF2). Una vulnerabilidad de desbordamiento del búfer podría permitir a un atacante local causar una situación de Denegación de Servicio. La vulnerabilidad de seguridad podría ser explotada por parte de un atacante con acceso local a los sistemas afectados. Una explotación con éxito podría requerir privilegios de usuario pero no una interacción del usuario. La vulnerabilidad podría permitir a un atacante comprometer la disponibilidad del sistema, así como tener acceso a información confidencial", }, ], id: "CVE-2020-7586", lastModified: "2024-11-21T05:37:25.427", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-10T17:15:12.520", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { source: "productcert@siemens.com", url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-122", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-10 17:15
Modified
2024-11-21 05:37
Severity ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf | Vendor Advisory | |
| productcert@siemens.com | https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05 | ||
| productcert@siemens.com | https://www.us-cert.gov/ics/advisories/icsa-20-161-05 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-161-05 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_process_device_manager | * | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | sinamics_starter | * | |
| siemens | sinamics_starter | 5.4 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "13E3BDF0-B691-4A97-A74A-A65EC910480E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_process_device_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "50C02E17-87F5-47DB-B4F3-EFC44B0DFC88", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "CAF09D6E-3375-4731-B16D-30B7592EA5FB", versionEndExcluding: "5.6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:-:*:*:*:*:*:*", matchCriteriaId: "851F8474-4568-487D-98FB-47DF7EAEAC3B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:sp1:*:*:*:*:*:*", matchCriteriaId: "81EADA2F-884C-4D72-8489-71025B3EBAEE", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:sp2:*:*:*:*:*:*", matchCriteriaId: "78366D2F-B728-47F6-B539-5FB2D1B0419D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:sp2_hotfix1:*:*:*:*:*:*", matchCriteriaId: "06A86DA0-BC1F-4306-B02E-ED2FA36BE273", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinamics_starter:*:*:*:*:*:*:*:*", matchCriteriaId: "23020179-5112-48A8-BA76-EB6C073867BF", versionEndExcluding: "5.4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinamics_starter:5.4:-:*:*:*:*:*:*", matchCriteriaId: "E04348B3-6DAC-49E2-A612-FE0A3166776B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 V8.2 y anteriores (Todas las versiones), SIMATIC PCS 7 V9.0 (Todas las versiones anteriores a V9.0 SP3), SIMATIC PDM (Todas las versiones anteriores a V9.2), SIMATIC STEP 7 V5.X (Todas las versiones anteriores a V5.6 SP2 HF3), SINAMICS STARTER (que contiene la versión OEM de STEP 7) (Todas las versiones anteriores a V5.4 HF2). Una vulnerabilidad de Secuestro de DLL podría permitir a un atacante local ejecutar código con privilegios elevados. La vulnerabilidad de seguridad podría ser explotada por parte de un atacante con acceso local a los sistemas afectados. Una explotación con éxito requiere privilegios de usuario pero no interacción del usuario. La vulnerabilidad podría permitir a un atacante comprometer la disponibilidad del sistema, así como tener acceso a información confidencial", }, ], id: "CVE-2020-7585", lastModified: "2024-11-21T05:37:25.310", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-10T17:15:12.457", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { source: "productcert@siemens.com", url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-20-161-05", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-427", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-427", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2021-07-13 11:15
Modified
2024-11-21 06:06
Severity ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). A directory containing metafiles relevant to devices' configurations has write permissions. An attacker could leverage this vulnerability by changing the content of certain metafiles and subsequently manipulate parameters or behavior of devices that would be later configured by the affected software.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf | Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_pcs_7_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "943D8B33-182B-4E6F-9318-D7AEC1CB09C5", versionEndIncluding: "8.2", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_pcs_7_firmware:9.0:*:*:*:*:*:*:*", matchCriteriaId: "EF59BB59-530E-41D7-8D5B-090C0FDBDDB1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_pcs_7:-:*:*:*:*:*:*:*", matchCriteriaId: "5EEFB170-B4B0-4A0E-8828-9491446033A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_pdm_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "311060D9-5691-4C4C-9CB6-14F25CBA4DB0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_pdm:-:*:*:*:*:*:*:*", matchCriteriaId: "E092B735-42D5-48D5-947B-288C0FA2E180", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_step_7_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2CE4FB98-0276-4573-BAD7-04CE7F7E025E", versionEndExcluding: "5.7", versionStartIncluding: "5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_step_7:-:*:*:*:*:*:*:*", matchCriteriaId: "FB1FE00B-0613-4819-8D50-A5A0B6A190D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ACF25F6B-8DC4-4835-AE2F-2E03D3FA4C8C", versionEndExcluding: "5.4", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:-:*:*:*:*:*:*", matchCriteriaId: "4D01AB88-A23C-4105-9D5C-DEAA8C2AAFE9", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:hf1:*:*:*:*:*:*", matchCriteriaId: "F5953F96-3995-4974-9D73-EA32BF4DE53B", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:hf2:*:*:*:*:*:*", matchCriteriaId: "D8793ACD-F4C9-4954-856A-ECB57A2BE990", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:sp1:*:*:*:*:*:*", matchCriteriaId: "FABF5C1B-F79B-4CB4-9340-A0D61EF151A9", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:sp1_hf1:*:*:*:*:*:*", matchCriteriaId: "104FAEB7-9C81-49B2-8F06-7E5FDA87BD98", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:sp2:*:*:*:*:*:*", matchCriteriaId: "5973C248-327A-44C4-B913-1327270E64D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_starter:-:*:*:*:*:*:*:*", matchCriteriaId: "C3E8B354-CB0D-40F1-BC2B-C2355974C2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). A directory containing metafiles relevant to devices' configurations has write permissions. An attacker could leverage this vulnerability by changing the content of certain metafiles and subsequently manipulate parameters or behavior of devices that would be later configured by the affected software.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 V8.2 y anteriores (Todas las versiones), SIMATIC PCS 7 V9.X (Todas las versiones anteriores a V9.1 SP2), SIMATIC PDM (Todas las versiones anteriores a V9.2 SP2), SIMATIC STEP 7 V5.X (Todas las versiones anteriores a V5.7), SINAMICS STARTER (que contiene la versión OEM de STEP 7) (Todas las versiones anteriores a V5.4 SP2 HF1). Un directorio que contiene metafichas relevantes para las configuraciones de los dispositivos tiene permisos de escritura. Un atacante podría aprovechar esta vulnerabilidad cambiando el contenido de ciertos metaficheros y posteriormente manipular los parámetros o el comportamiento de los dispositivos que posteriormente serían configurados por el software afectado", }, ], id: "CVE-2021-31894", lastModified: "2024-11-21T06:06:27.113", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-07-13T11:15:09.603", references: [ { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-732", }, ], source: "productcert@siemens.com", type: "Primary", }, ], }