cvelistv5 - CVE-2021-31893

CVE-2021-31893

Vulnerability from cvelistv5

Published

2021-07-13 11:02

Modified

2024-08-03 23:10

Severity ?

Summary

References

▼	URL	Tags
	productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf	Patch, Vendor Advisory

Impacted products

Vendor

Product

Version

▼

Siemens

SIMATIC PCS 7 V8.2 and earlier

Version: All versions

Siemens	SIMATIC PCS 7 V9.0	Version: All versions < V9.0 SP3
Siemens	SIMATIC PDM	Version: All versions < V9.2
Siemens	SIMATIC STEP 7 V5.X	Version: All versions < V5.6 SP2 HF3
Siemens	SINAMICS STARTER (containing STEP 7 OEM version)	Version: All versions < V5.4 HF2

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T23:10:30.646Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "SIMATIC PCS 7 V8.2 and earlier",
               vendor: "Siemens",
               versions: [
                  {
                     status: "affected",
                     version: "All versions",
                  },
               ],
            },
            {
               product: "SIMATIC PCS 7 V9.0",
               vendor: "Siemens",
               versions: [
                  {
                     status: "affected",
                     version: "All versions < V9.0 SP3",
                  },
               ],
            },
            {
               product: "SIMATIC PDM",
               vendor: "Siemens",
               versions: [
                  {
                     status: "affected",
                     version: "All versions < V9.2",
                  },
               ],
            },
            {
               product: "SIMATIC STEP 7 V5.X",
               vendor: "Siemens",
               versions: [
                  {
                     status: "affected",
                     version: "All versions < V5.6 SP2 HF3",
                  },
               ],
            },
            {
               product: "SINAMICS STARTER (containing STEP 7 OEM version)",
               vendor: "Siemens",
               versions: [
                  {
                     status: "affected",
                     version: "All versions < V5.4 HF2",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-120",
                     description: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-07-13T11:02:56",
            orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
            shortName: "siemens",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "productcert@siemens.com",
               ID: "CVE-2021-31893",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "SIMATIC PCS 7 V8.2 and earlier",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "All versions",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "SIMATIC PCS 7 V9.0",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "All versions < V9.0 SP3",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "SIMATIC PDM",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "All versions < V9.2",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "SIMATIC STEP 7 V5.X",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "All versions < V5.6 SP2 HF3",
                                       },
                                    ],
                                 },
                              },
                              {
                                 product_name: "SINAMICS STARTER (containing STEP 7 OEM version)",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "All versions < V5.4 HF2",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Siemens",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf",
                     refsource: "MISC",
                     url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
      assignerShortName: "siemens",
      cveId: "CVE-2021-31893",
      datePublished: "2021-07-13T11:02:56",
      dateReserved: "2021-04-29T00:00:00",
      dateUpdated: "2024-08-03T23:10:30.646Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2021-31893\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2021-07-13T11:15:09.527\",\"lastModified\":\"2024-11-21T06:06:26.987\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en SIMATIC PCS 7 versiones V8.2 y anteriores (Todas las versiones), SIMATIC PCS 7  versiones V9.0 (Todas las versiones anteriores a V9.0 SP3), SIMATIC PDM (Todas las versiones anteriores a V9.2), SIMATIC STEP 7  versiones V5.X (Todas las versiones anteriores a V5.6 SP2 HF3), SINAMICS STARTER (que contiene la versión OEM de STEP 7) (Todas las versiones anteriores a V5.4 HF2). El software afectado contiene una vulnerabilidad de desbordamiento de búfer mientras se manejan determinados archivos que podría permitir a un atacante local desencadenar una condición de denegación de servicio o potencialmente conllevar a una ejecución de código remota\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_pcs_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.2\",\"matchCriteriaId\":\"7EEA55DF-23A5-4D3D-A2EC-EFFFBD8A7C3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_pcs_firmware:9.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"81FDDB73-5C1A-448E-A88E-835F04DB8444\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_pcs_firmware:9.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"39CC2ACC-62C3-434D-AB36-B73CA7CD5935\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_pcs_firmware:9.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6FE8718-AC43-4AD8-9226-2382CB588F7F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_pcs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BEAC421-FE31-4F16-8DB1-B816FDD66D64\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_pdm_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.2\",\"matchCriteriaId\":\"FCE0E117-5AB1-4D65-84CA-1F4A48664C93\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_pdm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E092B735-42D5-48D5-947B-288C0FA2E180\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_step_7_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.6\",\"matchCriteriaId\":\"06CA9ADA-EEEA-4655-93FA-11EF309D869B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_step_7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB1FE00B-0613-4819-8D50-A5A0B6A190D1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:sinamics_starter_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.4\",\"matchCriteriaId\":\"ACF25F6B-8DC4-4835-AE2F-2E03D3FA4C8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D01AB88-A23C-4105-9D5C-DEAA8C2AAFE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:hotfix_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C803017D-BCE6-4638-A54F-D29CA8AE5ABC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:hotfix_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5900915-29CC-4F36-9622-4E81038CE932\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:sinamics_starter:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3E8B354-CB0D-40F1-BC2B-C2355974C2A9\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
   },
}

icsa-21-194-05

Vulnerability from csaf_cisa

Published

2021-07-13 00:00

Modified

2021-07-13 00:00

Summary

Siemens SIMATIC Software Products

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of this vulnerability could allow an attacker to manipulate project files, create a denial-of-service condition or remotely execute code.

Critical infrastructure sectors

Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater Systems

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Exploitability

No known public exploits specifically target this vulnerability. This vulnerability is not exploitable remotely.

JSON

To clipboard

{
   document: {
      acknowledgments: [
         {
            names: [
               "Uri Katz",
            ],
            organization: "Claroty",
            summary: "reporting this vulnerability to Siemens",
         },
      ],
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Disclosure is not limited",
         tlp: {
            label: "WHITE",
            url: "https://us-cert.cisa.gov/tlp/",
         },
      },
      lang: "en-US",
      notes: [
         {
            category: "general",
            text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
            title: "CISA Disclaimer",
         },
         {
            category: "legal_disclaimer",
            text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
            title: "Legal Notice",
         },
         {
            category: "summary",
            text: "Successful exploitation of this vulnerability could allow an attacker to manipulate project files, create a denial-of-service condition or remotely execute code.",
            title: "Risk evaluation",
         },
         {
            category: "other",
            text: "Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater Systems",
            title: "Critical infrastructure sectors",
         },
         {
            category: "other",
            text: "Worldwide",
            title: "Countries/areas deployed",
         },
         {
            category: "other",
            text: "Germany",
            title: "Company headquarters location",
         },
         {
            category: "general",
            text: "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
            title: "Recommended Practices",
         },
         {
            category: "general",
            text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
            title: "Recommended Practices",
         },
         {
            category: "general",
            text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
            title: "Recommended Practices",
         },
         {
            category: "general",
            text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
            title: "Additional Resources",
         },
         {
            category: "other",
            text: "No known public exploits specifically target this vulnerability. This vulnerability is not exploitable remotely.",
            title: "Exploitability",
         },
      ],
      publisher: {
         category: "coordinator",
         contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
         name: "CISA",
         namespace: "https://www.cisa.gov/",
      },
      references: [
         {
            category: "external",
            summary: "SSA-641963: Remote Code Execution Vulnerability in Multiple SIMATIC Software Products - CSAF Version",
            url: "https://cert-portal.siemens.com/productcert/csaf/ssa-641963.json",
         },
         {
            category: "self",
            summary: "ICS Advisory ICSA-21-194-05 JSON",
            url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-194-05.json",
         },
         {
            category: "self",
            summary: "ICS Advisory ICSA-21-194-05 Web Version",
            url: "https://www.cisa.gov/news-events/ics-advisories/icsa-21-194-05",
         },
         {
            category: "external",
            summary: "Recommended Practices",
            url: "https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01",
         },
         {
            category: "external",
            summary: "Recommended Practices",
            url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf",
         },
         {
            category: "external",
            summary: "Recommended Practices",
            url: "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B",
         },
         {
            category: "external",
            summary: "SSA-641963: Remote Code Execution Vulnerability in Multiple SIMATIC Software Products - PDF Version",
            url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf",
         },
         {
            category: "external",
            summary: "SSA-641963: Remote Code Execution Vulnerability in Multiple SIMATIC Software Products - TXT Version",
            url: "https://cert-portal.siemens.com/productcert/txt/ssa-641963.txt",
         },
      ],
      title: "Siemens SIMATIC Software Products",
      tracking: {
         current_release_date: "2021-07-13T00:00:00.000000Z",
         generator: {
            engine: {
               name: "CISA CSAF Generator",
               version: "1.0.0",
            },
         },
         id: "ICSA-21-194-05",
         initial_release_date: "2021-07-13T00:00:00.000000Z",
         revision_history: [
            {
               date: "2021-07-13T00:00:00.000000Z",
               legacy_version: "Initial",
               number: "1",
               summary: "ICSA-21-194-05 Siemens SIMATIC Software Products",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "vers:all/*",
                        product: {
                           name: "SIMATIC PCS 7 V8.2 and earlier",
                           product_id: "CSAFPID-0001",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC PCS 7 V8.2 and earlier",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "< V9.0 SP3",
                        product: {
                           name: "SIMATIC PCS 7 V9.0",
                           product_id: "CSAFPID-0002",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC PCS 7 V9.0",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "< V9.2",
                        product: {
                           name: "SIMATIC PDM",
                           product_id: "CSAFPID-0003",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC PDM",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "< V5.6 SP2 HF3",
                        product: {
                           name: "SIMATIC STEP 7 V5.X",
                           product_id: "CSAFPID-0004",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC STEP 7 V5.X",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "< V5.4 HF2",
                        product: {
                           name: "SINAMICS STARTER (containing STEP 7 OEM version)",
                           product_id: "CSAFPID-0005",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SINAMICS STARTER (containing STEP 7 OEM version)",
               },
            ],
            category: "vendor",
            name: "Siemens",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2021-31893",
         cwe: {
            id: "CWE-120",
            name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
         },
         notes: [
            {
               category: "summary",
               text: "The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-0001",
               "CSAFPID-0002",
               "CSAFPID-0003",
               "CSAFPID-0004",
               "CSAFPID-0005",
            ],
         },
         references: [
            {
               summary: "CVE-2021-31893 - SIMATIC PDM",
               url: "https://support.industry.siemens.com/cs/ww/en/view/109794361/",
            },
            {
               summary: "CVE-2021-31893 - SIMATIC STEP 7 V5.X",
               url: "https://support.industry.siemens.com/cs/de/en/view/109779992/",
            },
            {
               summary: "CVE-2021-31893 - SINAMICS STARTER (containing STEP 7 OEM version)",
               url: "https://support.industry.siemens.com/cs/us/en/view/109782792/",
            },
            {
               summary: "CVE-2021-31893 Mitre 5.0 json",
               url: "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-31893.json",
            },
            {
               category: "external",
               summary: "web.nvd.nist.gov",
               url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31893",
            },
            {
               category: "external",
               summary: "www.first.org",
               url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            },
         ],
         remediations: [
            {
               category: "none_available",
               details: "Currently no remediation is available",
               product_ids: [
                  "CSAFPID-0001",
               ],
            },
            {
               category: "vendor_fix",
               details: "Update to V9.0 SP3 or later version",
               product_ids: [
                  "CSAFPID-0002",
               ],
            },
            {
               category: "vendor_fix",
               details: "Update to V9.2 or later version",
               product_ids: [
                  "CSAFPID-0003",
               ],
               url: "https://support.industry.siemens.com/cs/ww/en/view/109794361/",
            },
            {
               category: "vendor_fix",
               details: "Update to V5.6 SP2 HF3 or later version",
               product_ids: [
                  "CSAFPID-0004",
               ],
               url: "https://support.industry.siemens.com/cs/de/en/view/109779992/",
            },
            {
               category: "vendor_fix",
               details: "Update to V5.4 HF2 or later version",
               product_ids: [
                  "CSAFPID-0005",
               ],
               url: "https://support.industry.siemens.com/cs/us/en/view/109782792/",
            },
            {
               category: "workaround",
               details: "Restrict access to project files on the engineering station to trusted users",
               product_ids: [
                  "CSAFPID-0001",
                  "CSAFPID-0002",
                  "CSAFPID-0003",
                  "CSAFPID-0004",
                  "CSAFPID-0005",
               ],
            },
            {
               category: "workaround",
               details: "Only use project files from trusted sources",
               product_ids: [
                  "CSAFPID-0001",
                  "CSAFPID-0002",
                  "CSAFPID-0003",
                  "CSAFPID-0004",
                  "CSAFPID-0005",
               ],
            },
            {
               category: "mitigation",
               details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
               product_ids: [
                  "CSAFPID-0001",
                  "CSAFPID-0002",
                  "CSAFPID-0003",
                  "CSAFPID-0004",
                  "CSAFPID-0005",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-0001",
                  "CSAFPID-0002",
                  "CSAFPID-0003",
                  "CSAFPID-0004",
                  "CSAFPID-0005",
               ],
            },
         ],
         title: "CVE-2021-31893",
      },
   ],
}

ICSA-21-194-05

Vulnerability from csaf_cisa

Published

2021-07-13 00:00

Modified

2021-07-13 00:00

Summary

Siemens SIMATIC Software Products

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

Risk evaluation

Successful exploitation of this vulnerability could allow an attacker to manipulate project files, create a denial-of-service condition or remotely execute code.

Critical infrastructure sectors

Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater Systems

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Exploitability

No known public exploits specifically target this vulnerability. This vulnerability is not exploitable remotely.

JSON

To clipboard

{
   document: {
      acknowledgments: [
         {
            names: [
               "Uri Katz",
            ],
            organization: "Claroty",
            summary: "reporting this vulnerability to Siemens",
         },
      ],
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Disclosure is not limited",
         tlp: {
            label: "WHITE",
            url: "https://us-cert.cisa.gov/tlp/",
         },
      },
      lang: "en-US",
      notes: [
         {
            category: "general",
            text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
            title: "CISA Disclaimer",
         },
         {
            category: "legal_disclaimer",
            text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
            title: "Legal Notice",
         },
         {
            category: "summary",
            text: "Successful exploitation of this vulnerability could allow an attacker to manipulate project files, create a denial-of-service condition or remotely execute code.",
            title: "Risk evaluation",
         },
         {
            category: "other",
            text: "Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater Systems",
            title: "Critical infrastructure sectors",
         },
         {
            category: "other",
            text: "Worldwide",
            title: "Countries/areas deployed",
         },
         {
            category: "other",
            text: "Germany",
            title: "Company headquarters location",
         },
         {
            category: "general",
            text: "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
            title: "Recommended Practices",
         },
         {
            category: "general",
            text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
            title: "Recommended Practices",
         },
         {
            category: "general",
            text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
            title: "Recommended Practices",
         },
         {
            category: "general",
            text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
            title: "Additional Resources",
         },
         {
            category: "other",
            text: "No known public exploits specifically target this vulnerability. This vulnerability is not exploitable remotely.",
            title: "Exploitability",
         },
      ],
      publisher: {
         category: "coordinator",
         contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
         name: "CISA",
         namespace: "https://www.cisa.gov/",
      },
      references: [
         {
            category: "external",
            summary: "SSA-641963: Remote Code Execution Vulnerability in Multiple SIMATIC Software Products - CSAF Version",
            url: "https://cert-portal.siemens.com/productcert/csaf/ssa-641963.json",
         },
         {
            category: "self",
            summary: "ICS Advisory ICSA-21-194-05 JSON",
            url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-194-05.json",
         },
         {
            category: "self",
            summary: "ICS Advisory ICSA-21-194-05 Web Version",
            url: "https://www.cisa.gov/news-events/ics-advisories/icsa-21-194-05",
         },
         {
            category: "external",
            summary: "Recommended Practices",
            url: "https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01",
         },
         {
            category: "external",
            summary: "Recommended Practices",
            url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf",
         },
         {
            category: "external",
            summary: "Recommended Practices",
            url: "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B",
         },
         {
            category: "external",
            summary: "SSA-641963: Remote Code Execution Vulnerability in Multiple SIMATIC Software Products - PDF Version",
            url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf",
         },
         {
            category: "external",
            summary: "SSA-641963: Remote Code Execution Vulnerability in Multiple SIMATIC Software Products - TXT Version",
            url: "https://cert-portal.siemens.com/productcert/txt/ssa-641963.txt",
         },
      ],
      title: "Siemens SIMATIC Software Products",
      tracking: {
         current_release_date: "2021-07-13T00:00:00.000000Z",
         generator: {
            engine: {
               name: "CISA CSAF Generator",
               version: "1.0.0",
            },
         },
         id: "ICSA-21-194-05",
         initial_release_date: "2021-07-13T00:00:00.000000Z",
         revision_history: [
            {
               date: "2021-07-13T00:00:00.000000Z",
               legacy_version: "Initial",
               number: "1",
               summary: "ICSA-21-194-05 Siemens SIMATIC Software Products",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "vers:all/*",
                        product: {
                           name: "SIMATIC PCS 7 V8.2 and earlier",
                           product_id: "CSAFPID-0001",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC PCS 7 V8.2 and earlier",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "< V9.0 SP3",
                        product: {
                           name: "SIMATIC PCS 7 V9.0",
                           product_id: "CSAFPID-0002",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC PCS 7 V9.0",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "< V9.2",
                        product: {
                           name: "SIMATIC PDM",
                           product_id: "CSAFPID-0003",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC PDM",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "< V5.6 SP2 HF3",
                        product: {
                           name: "SIMATIC STEP 7 V5.X",
                           product_id: "CSAFPID-0004",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC STEP 7 V5.X",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "< V5.4 HF2",
                        product: {
                           name: "SINAMICS STARTER (containing STEP 7 OEM version)",
                           product_id: "CSAFPID-0005",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SINAMICS STARTER (containing STEP 7 OEM version)",
               },
            ],
            category: "vendor",
            name: "Siemens",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2021-31893",
         cwe: {
            id: "CWE-120",
            name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
         },
         notes: [
            {
               category: "summary",
               text: "The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-0001",
               "CSAFPID-0002",
               "CSAFPID-0003",
               "CSAFPID-0004",
               "CSAFPID-0005",
            ],
         },
         references: [
            {
               summary: "CVE-2021-31893 - SIMATIC PDM",
               url: "https://support.industry.siemens.com/cs/ww/en/view/109794361/",
            },
            {
               summary: "CVE-2021-31893 - SIMATIC STEP 7 V5.X",
               url: "https://support.industry.siemens.com/cs/de/en/view/109779992/",
            },
            {
               summary: "CVE-2021-31893 - SINAMICS STARTER (containing STEP 7 OEM version)",
               url: "https://support.industry.siemens.com/cs/us/en/view/109782792/",
            },
            {
               summary: "CVE-2021-31893 Mitre 5.0 json",
               url: "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-31893.json",
            },
            {
               category: "external",
               summary: "web.nvd.nist.gov",
               url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31893",
            },
            {
               category: "external",
               summary: "www.first.org",
               url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            },
         ],
         remediations: [
            {
               category: "none_available",
               details: "Currently no remediation is available",
               product_ids: [
                  "CSAFPID-0001",
               ],
            },
            {
               category: "vendor_fix",
               details: "Update to V9.0 SP3 or later version",
               product_ids: [
                  "CSAFPID-0002",
               ],
            },
            {
               category: "vendor_fix",
               details: "Update to V9.2 or later version",
               product_ids: [
                  "CSAFPID-0003",
               ],
               url: "https://support.industry.siemens.com/cs/ww/en/view/109794361/",
            },
            {
               category: "vendor_fix",
               details: "Update to V5.6 SP2 HF3 or later version",
               product_ids: [
                  "CSAFPID-0004",
               ],
               url: "https://support.industry.siemens.com/cs/de/en/view/109779992/",
            },
            {
               category: "vendor_fix",
               details: "Update to V5.4 HF2 or later version",
               product_ids: [
                  "CSAFPID-0005",
               ],
               url: "https://support.industry.siemens.com/cs/us/en/view/109782792/",
            },
            {
               category: "workaround",
               details: "Restrict access to project files on the engineering station to trusted users",
               product_ids: [
                  "CSAFPID-0001",
                  "CSAFPID-0002",
                  "CSAFPID-0003",
                  "CSAFPID-0004",
                  "CSAFPID-0005",
               ],
            },
            {
               category: "workaround",
               details: "Only use project files from trusted sources",
               product_ids: [
                  "CSAFPID-0001",
                  "CSAFPID-0002",
                  "CSAFPID-0003",
                  "CSAFPID-0004",
                  "CSAFPID-0005",
               ],
            },
            {
               category: "mitigation",
               details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
               product_ids: [
                  "CSAFPID-0001",
                  "CSAFPID-0002",
                  "CSAFPID-0003",
                  "CSAFPID-0004",
                  "CSAFPID-0005",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-0001",
                  "CSAFPID-0002",
                  "CSAFPID-0003",
                  "CSAFPID-0004",
                  "CSAFPID-0005",
               ],
            },
         ],
         title: "CVE-2021-31893",
      },
   ],
}

fkie_cve-2021-31893

Vulnerability from fkie_nvd

Published

2021-07-13 11:15

Modified

2024-11-21 06:06

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

▼	URL	Tags
	productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	simatic_pcs_firmware	*
siemens	simatic_pcs_firmware	9.0
siemens	simatic_pcs_firmware	9.0
siemens	simatic_pcs_firmware	9.0
siemens	simatic_pcs	-
siemens	simatic_pdm_firmware	*
siemens	simatic_pdm	-
siemens	simatic_step_7_firmware	*
siemens	simatic_step_7	-
siemens	sinamics_starter_firmware	*
siemens	sinamics_starter_firmware	5.4
siemens	sinamics_starter_firmware	5.4
siemens	sinamics_starter_firmware	5.4
siemens	sinamics_starter	-

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:siemens:simatic_pcs_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7EEA55DF-23A5-4D3D-A2EC-EFFFBD8A7C3F",
                     versionEndIncluding: "8.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:siemens:simatic_pcs_firmware:9.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "81FDDB73-5C1A-448E-A88E-835F04DB8444",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:siemens:simatic_pcs_firmware:9.0:sp1:*:*:*:*:*:*",
                     matchCriteriaId: "39CC2ACC-62C3-434D-AB36-B73CA7CD5935",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:siemens:simatic_pcs_firmware:9.0:sp2:*:*:*:*:*:*",
                     matchCriteriaId: "D6FE8718-AC43-4AD8-9226-2382CB588F7F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:siemens:simatic_pcs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BEAC421-FE31-4F16-8DB1-B816FDD66D64",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:siemens:simatic_pdm_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FCE0E117-5AB1-4D65-84CA-1F4A48664C93",
                     versionEndExcluding: "9.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:siemens:simatic_pdm:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E092B735-42D5-48D5-947B-288C0FA2E180",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:siemens:simatic_step_7_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "06CA9ADA-EEEA-4655-93FA-11EF309D869B",
                     versionEndIncluding: "5.6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:siemens:simatic_step_7:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB1FE00B-0613-4819-8D50-A5A0B6A190D1",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ACF25F6B-8DC4-4835-AE2F-2E03D3FA4C8C",
                     versionEndExcluding: "5.4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:-:*:*:*:*:*:*",
                     matchCriteriaId: "4D01AB88-A23C-4105-9D5C-DEAA8C2AAFE9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:hotfix_1:*:*:*:*:*:*",
                     matchCriteriaId: "C803017D-BCE6-4638-A54F-D29CA8AE5ABC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:hotfix_2:*:*:*:*:*:*",
                     matchCriteriaId: "A5900915-29CC-4F36-9622-4E81038CE932",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:siemens:sinamics_starter:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C3E8B354-CB0D-40F1-BC2B-C2355974C2A9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.",
      },
      {
         lang: "es",
         value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 versiones V8.2 y anteriores (Todas las versiones), SIMATIC PCS 7  versiones V9.0 (Todas las versiones anteriores a V9.0 SP3), SIMATIC PDM (Todas las versiones anteriores a V9.2), SIMATIC STEP 7  versiones V5.X (Todas las versiones anteriores a V5.6 SP2 HF3), SINAMICS STARTER (que contiene la versión OEM de STEP 7) (Todas las versiones anteriores a V5.4 HF2). El software afectado contiene una vulnerabilidad de desbordamiento de búfer mientras se manejan determinados archivos que podría permitir a un atacante local desencadenar una condición de denegación de servicio o potencialmente conllevar a una ejecución de código remota",
      },
   ],
   id: "CVE-2021-31893",
   lastModified: "2024-11-21T06:06:26.987",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-07-13T11:15:09.527",
   references: [
      {
         source: "productcert@siemens.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf",
      },
   ],
   sourceIdentifier: "productcert@siemens.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-120",
            },
         ],
         source: "productcert@siemens.com",
         type: "Primary",
      },
   ],
}

ghsa-47m5-c425-v4ww

Vulnerability from github

Published

2022-05-24 19:07

Modified

2022-05-24 19:07

Details

Show details on source website

JSON

To clipboard

{
   affected: [],
   aliases: [
      "CVE-2021-31893",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-120",
      ],
      github_reviewed: false,
      github_reviewed_at: null,
      nvd_published_at: "2021-07-13T11:15:00Z",
      severity: "HIGH",
   },
   details: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.",
   id: "GHSA-47m5-c425-v4ww",
   modified: "2022-05-24T19:07:44Z",
   published: "2022-05-24T19:07:44Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2021-31893",
      },
      {
         type: "WEB",
         url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf",
      },
   ],
   schema_version: "1.4.0",
   severity: [],
}

gsd-2021-31893

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2021-31893

Aliases

CVE-2021-31893

JSON

To clipboard

{
   GSD: {
      alias: "CVE-2021-31893",
      description: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.",
      id: "GSD-2021-31893",
   },
   gsd: {
      metadata: {
         exploitCode: "unknown",
         remediation: "unknown",
         reportConfidence: "confirmed",
         type: "vulnerability",
      },
      osvSchema: {
         aliases: [
            "CVE-2021-31893",
         ],
         details: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.",
         id: "GSD-2021-31893",
         modified: "2023-12-13T01:23:13.225048Z",
         schema_version: "1.4.0",
      },
   },
   namespaces: {
      "cve.org": {
         CVE_data_meta: {
            ASSIGNER: "productcert@siemens.com",
            ID: "CVE-2021-31893",
            STATE: "PUBLIC",
         },
         affects: {
            vendor: {
               vendor_data: [
                  {
                     product: {
                        product_data: [
                           {
                              product_name: "SIMATIC PCS 7 V8.2 and earlier",
                              version: {
                                 version_data: [
                                    {
                                       version_value: "All versions",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "SIMATIC PCS 7 V9.0",
                              version: {
                                 version_data: [
                                    {
                                       version_value: "All versions < V9.0 SP3",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "SIMATIC PDM",
                              version: {
                                 version_data: [
                                    {
                                       version_value: "All versions < V9.2",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "SIMATIC STEP 7 V5.X",
                              version: {
                                 version_data: [
                                    {
                                       version_value: "All versions < V5.6 SP2 HF3",
                                    },
                                 ],
                              },
                           },
                           {
                              product_name: "SINAMICS STARTER (containing STEP 7 OEM version)",
                              version: {
                                 version_data: [
                                    {
                                       version_value: "All versions < V5.4 HF2",
                                    },
                                 ],
                              },
                           },
                        ],
                     },
                     vendor_name: "Siemens",
                  },
               ],
            },
         },
         data_format: "MITRE",
         data_type: "CVE",
         data_version: "4.0",
         description: {
            description_data: [
               {
                  lang: "eng",
                  value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.",
               },
            ],
         },
         problemtype: {
            problemtype_data: [
               {
                  description: [
                     {
                        lang: "eng",
                        value: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
                     },
                  ],
               },
            ],
         },
         references: {
            reference_data: [
               {
                  name: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf",
                  refsource: "MISC",
                  url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf",
               },
            ],
         },
      },
      "nvd.nist.gov": {
         configurations: {
            CVE_data_version: "4.0",
            nodes: [
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:siemens:simatic_pcs_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndIncluding: "8.2",
                              vulnerable: true,
                           },
                           {
                              cpe23Uri: "cpe:2.3:o:siemens:simatic_pcs_firmware:9.0:-:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: true,
                           },
                           {
                              cpe23Uri: "cpe:2.3:o:siemens:simatic_pcs_firmware:9.0:sp1:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: true,
                           },
                           {
                              cpe23Uri: "cpe:2.3:o:siemens:simatic_pcs_firmware:9.0:sp2:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:siemens:simatic_pcs:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:siemens:simatic_pdm_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "9.2",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:siemens:simatic_pdm:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:siemens:simatic_step_7_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndIncluding: "5.6",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:siemens:simatic_step_7:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:siemens:sinamics_starter_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "5.4",
                              vulnerable: true,
                           },
                           {
                              cpe23Uri: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:-:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: true,
                           },
                           {
                              cpe23Uri: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:hotfix_1:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: true,
                           },
                           {
                              cpe23Uri: "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:hotfix_2:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:siemens:sinamics_starter:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
            ],
         },
         cve: {
            CVE_data_meta: {
               ASSIGNER: "productcert@siemens.com",
               ID: "CVE-2021-31893",
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "en",
                     value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "en",
                           value: "CWE-120",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "N/A",
                     refsource: "CONFIRM",
                     tags: [
                        "Patch",
                        "Vendor Advisory",
                     ],
                     url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf",
                  },
               ],
            },
         },
         impact: {
            baseMetricV2: {
               acInsufInfo: false,
               cvssV2: {
                  accessComplexity: "LOW",
                  accessVector: "LOCAL",
                  authentication: "NONE",
                  availabilityImpact: "COMPLETE",
                  baseScore: 7.2,
                  confidentialityImpact: "COMPLETE",
                  integrityImpact: "COMPLETE",
                  vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                  version: "2.0",
               },
               exploitabilityScore: 3.9,
               impactScore: 10,
               obtainAllPrivilege: false,
               obtainOtherPrivilege: false,
               obtainUserPrivilege: false,
               severity: "HIGH",
               userInteractionRequired: false,
            },
            baseMetricV3: {
               cvssV3: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               exploitabilityScore: 1.8,
               impactScore: 5.9,
            },
         },
         lastModifiedDate: "2021-08-06T14:03Z",
         publishedDate: "2021-07-13T11:15Z",
      },
   },
}

var-202107-1337

Vulnerability from variot

A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution. Multiple Siemens products contain a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Siemens SIMATIC PCS 7 is a set of process control system of Germany Siemens (Siemens) company. SIMATIC STEP 7 V5.X is the classic engineering software for configuring and programming SIMATIC S7-300/S7-400/C7/WinAC controllers. STARTER is the drive engineering tool for parameterization and commissioning. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Show details on source website

JSON

To clipboard

{
   "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
      affected_products: {
         "@id": "https://www.variotdbs.pl/ref/affected_products",
      },
      configurations: {
         "@id": "https://www.variotdbs.pl/ref/configurations",
      },
      credits: {
         "@id": "https://www.variotdbs.pl/ref/credits",
      },
      cvss: {
         "@id": "https://www.variotdbs.pl/ref/cvss/",
      },
      description: {
         "@id": "https://www.variotdbs.pl/ref/description/",
      },
      exploit_availability: {
         "@id": "https://www.variotdbs.pl/ref/exploit_availability/",
      },
      external_ids: {
         "@id": "https://www.variotdbs.pl/ref/external_ids/",
      },
      iot: {
         "@id": "https://www.variotdbs.pl/ref/iot/",
      },
      iot_taxonomy: {
         "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/",
      },
      patch: {
         "@id": "https://www.variotdbs.pl/ref/patch/",
      },
      problemtype_data: {
         "@id": "https://www.variotdbs.pl/ref/problemtype_data/",
      },
      references: {
         "@id": "https://www.variotdbs.pl/ref/references/",
      },
      sources: {
         "@id": "https://www.variotdbs.pl/ref/sources/",
      },
      sources_release_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_release_date/",
      },
      sources_update_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_update_date/",
      },
      threat_type: {
         "@id": "https://www.variotdbs.pl/ref/threat_type/",
      },
      title: {
         "@id": "https://www.variotdbs.pl/ref/title/",
      },
      type: {
         "@id": "https://www.variotdbs.pl/ref/type/",
      },
   },
   "@id": "https://www.variotdbs.pl/vuln/VAR-202107-1337",
   affected_products: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            model: "simatic pcs",
            scope: "lte",
            trust: 1,
            vendor: "siemens",
            version: "8.2",
         },
         {
            model: "simatic pdm",
            scope: "lt",
            trust: 1,
            vendor: "siemens",
            version: "9.2",
         },
         {
            model: "simatic pcs",
            scope: "eq",
            trust: 1,
            vendor: "siemens",
            version: "9.0",
         },
         {
            model: "sinamics starter",
            scope: "lt",
            trust: 1,
            vendor: "siemens",
            version: "5.4",
         },
         {
            model: "sinamics starter",
            scope: "eq",
            trust: 1,
            vendor: "siemens",
            version: "5.4",
         },
         {
            model: "simatic step 7",
            scope: "lte",
            trust: 1,
            vendor: "siemens",
            version: "5.6",
         },
         {
            model: "simatic pdm",
            scope: null,
            trust: 0.8,
            vendor: "シーメンス",
            version: null,
         },
         {
            model: "sinamics starter",
            scope: null,
            trust: 0.8,
            vendor: "シーメンス",
            version: null,
         },
         {
            model: "simatic pcs",
            scope: null,
            trust: 0.8,
            vendor: "シーメンス",
            version: null,
         },
         {
            model: "simatic step 7",
            scope: null,
            trust: 0.8,
            vendor: "シーメンス",
            version: null,
         },
         {
            model: "simatic pcs",
            scope: "eq",
            trust: 0.6,
            vendor: "siemens",
            version: "7<=v8.2",
         },
         {
            model: "simatic pcs sp3",
            scope: "eq",
            trust: 0.6,
            vendor: "siemens",
            version: "7<v9.0",
         },
         {
            model: "simatic pdm",
            scope: "lt",
            trust: 0.6,
            vendor: "siemens",
            version: "v9.2",
         },
         {
            model: "simatic step sp2 hf3",
            scope: "eq",
            trust: 0.6,
            vendor: "siemens",
            version: "7v5.x<v5.6",
         },
         {
            model: "sinamics starter hf2",
            scope: "eq",
            trust: 0.6,
            vendor: "siemens",
            version: "7<v5.4",
         },
      ],
      sources: [
         {
            db: "CNVD",
            id: "CNVD-2021-54360",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-012063",
         },
         {
            db: "NVD",
            id: "CVE-2021-31893",
         },
      ],
   },
   cve: "CVE-2021-31893",
   cvss: {
      "@context": {
         cvssV2: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2",
         },
         cvssV3: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/",
         },
         severity: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/cvss/severity#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            cvssV2: [
               {
                  accessComplexity: "LOW",
                  accessVector: "LOCAL",
                  authentication: "NONE",
                  author: "nvd@nist.gov",
                  availabilityImpact: "COMPLETE",
                  baseScore: 7.2,
                  confidentialityImpact: "COMPLETE",
                  exploitabilityScore: 3.9,
                  id: "CVE-2021-31893",
                  impactScore: 10,
                  integrityImpact: "COMPLETE",
                  severity: "HIGH",
                  trust: 1.8,
                  vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                  version: "2.0",
               },
               {
                  accessComplexity: "LOW",
                  accessVector: "LOCAL",
                  authentication: "NONE",
                  author: "CNVD",
                  availabilityImpact: "COMPLETE",
                  baseScore: 7.2,
                  confidentialityImpact: "COMPLETE",
                  exploitabilityScore: 3.9,
                  id: "CNVD-2021-54360",
                  impactScore: 10,
                  integrityImpact: "COMPLETE",
                  severity: "HIGH",
                  trust: 0.6,
                  vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                  version: "2.0",
               },
            ],
            cvssV3: [
               {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  author: "nvd@nist.gov",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  exploitabilityScore: 1.8,
                  id: "CVE-2021-31893",
                  impactScore: 5.9,
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  trust: 1,
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               {
                  attackComplexity: "Low",
                  attackVector: "Local",
                  author: "NVD",
                  availabilityImpact: "High",
                  baseScore: 7.8,
                  baseSeverity: "High",
                  confidentialityImpact: "High",
                  exploitabilityScore: null,
                  id: "CVE-2021-31893",
                  impactScore: null,
                  integrityImpact: "High",
                  privilegesRequired: "Low",
                  scope: "Unchanged",
                  trust: 0.8,
                  userInteraction: "None",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            ],
            severity: [
               {
                  author: "nvd@nist.gov",
                  id: "CVE-2021-31893",
                  trust: 1,
                  value: "HIGH",
               },
               {
                  author: "NVD",
                  id: "CVE-2021-31893",
                  trust: 0.8,
                  value: "High",
               },
               {
                  author: "CNVD",
                  id: "CNVD-2021-54360",
                  trust: 0.6,
                  value: "HIGH",
               },
               {
                  author: "CNNVD",
                  id: "CNNVD-202104-975",
                  trust: 0.6,
                  value: "MEDIUM",
               },
               {
                  author: "CNNVD",
                  id: "CNNVD-202107-690",
                  trust: 0.6,
                  value: "HIGH",
               },
            ],
         },
      ],
      sources: [
         {
            db: "CNVD",
            id: "CNVD-2021-54360",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-012063",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202104-975",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202107-690",
         },
         {
            db: "NVD",
            id: "CVE-2021-31893",
         },
      ],
   },
   description: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/description#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution. Multiple Siemens products contain a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Siemens SIMATIC PCS 7 is a set of process control system of Germany Siemens (Siemens) company. SIMATIC STEP 7 V5.X is the classic engineering software for configuring and programming SIMATIC S7-300/S7-400/C7/WinAC controllers. STARTER is the drive engineering tool for parameterization and commissioning. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
      sources: [
         {
            db: "NVD",
            id: "CVE-2021-31893",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-012063",
         },
         {
            db: "CNVD",
            id: "CNVD-2021-54360",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202104-975",
         },
         {
            db: "VULMON",
            id: "CVE-2021-31893",
         },
      ],
      trust: 2.79,
   },
   external_ids: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            db: "NVD",
            id: "CVE-2021-31893",
            trust: 3.9,
         },
         {
            db: "SIEMENS",
            id: "SSA-641963",
            trust: 1.7,
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-012063",
            trust: 0.8,
         },
         {
            db: "SIEMENS",
            id: "SSA-599968",
            trust: 0.6,
         },
         {
            db: "CNVD",
            id: "CNVD-2021-54360",
            trust: 0.6,
         },
         {
            db: "CS-HELP",
            id: "SB2021041363",
            trust: 0.6,
         },
         {
            db: "CNNVD",
            id: "CNNVD-202104-975",
            trust: 0.6,
         },
         {
            db: "CS-HELP",
            id: "SB2021071420",
            trust: 0.6,
         },
         {
            db: "AUSCERT",
            id: "ESB-2021.2399",
            trust: 0.6,
         },
         {
            db: "CNNVD",
            id: "CNNVD-202107-690",
            trust: 0.6,
         },
         {
            db: "VULMON",
            id: "CVE-2021-31893",
            trust: 0.1,
         },
      ],
      sources: [
         {
            db: "CNVD",
            id: "CNVD-2021-54360",
         },
         {
            db: "VULMON",
            id: "CVE-2021-31893",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-012063",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202104-975",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202107-690",
         },
         {
            db: "NVD",
            id: "CVE-2021-31893",
         },
      ],
   },
   id: "VAR-202107-1337",
   iot: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/iot#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: true,
      sources: [
         {
            db: "CNVD",
            id: "CNVD-2021-54360",
         },
      ],
      trust: 1.2601742059999999,
   },
   iot_taxonomy: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            category: [
               "ICS",
            ],
            sub_category: null,
            trust: 0.6,
         },
      ],
      sources: [
         {
            db: "CNVD",
            id: "CNVD-2021-54360",
         },
      ],
   },
   last_update_date: "2024-08-14T12:43:01.213000Z",
   patch: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/patch#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            title: "SSA-641963",
            trust: 0.8,
            url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf",
         },
         {
            title: "Patch for Remote Code Execution Vulnerabilities in Multiple SIMATIC Software Products",
            trust: 0.6,
            url: "https://www.cnvd.org.cn/patchInfo/show/280941",
         },
         {
            title: "Siemens SIMATIC PCS 7 Security vulnerabilities",
            trust: 0.6,
            url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=156384",
         },
         {
            title: "Siemens Security Advisories: Siemens Security Advisory",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=e8f7c02a3431f34db7d68842e7177403",
         },
      ],
      sources: [
         {
            db: "CNVD",
            id: "CNVD-2021-54360",
         },
         {
            db: "VULMON",
            id: "CVE-2021-31893",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-012063",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202107-690",
         },
      ],
   },
   problemtype_data: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            problemtype: "CWE-120",
            trust: 1,
         },
         {
            problemtype: "Classic buffer overflow (CWE-120) [ others ]",
            trust: 0.8,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2021-012063",
         },
         {
            db: "NVD",
            id: "CVE-2021-31893",
         },
      ],
   },
   references: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/references#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            trust: 1.7,
            url: "https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf",
         },
         {
            trust: 1.4,
            url: "https://nvd.nist.gov/vuln/detail/cve-2021-31893",
         },
         {
            trust: 0.6,
            url: "https://cert-portal.siemens.com/productcert/pdf/ssa-599968.pdf",
         },
         {
            trust: 0.6,
            url: "https://www.cybersecurity-help.cz/vdb/sb2021041363",
         },
         {
            trust: 0.6,
            url: "https://vigilance.fr/vulnerability/siemens-simatic-buffer-overflow-35867",
         },
         {
            trust: 0.6,
            url: "https://www.auscert.org.au/bulletins/esb-2021.2399",
         },
         {
            trust: 0.6,
            url: "https://www.cybersecurity-help.cz/vdb/sb2021071420",
         },
         {
            trust: 0.1,
            url: "https://cwe.mitre.org/data/definitions/120.html",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov",
         },
         {
            trust: 0.1,
            url: "https://cert-portal.siemens.com/productcert/txt/ssa-641963.txt",
         },
      ],
      sources: [
         {
            db: "CNVD",
            id: "CNVD-2021-54360",
         },
         {
            db: "VULMON",
            id: "CVE-2021-31893",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-012063",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202104-975",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202107-690",
         },
         {
            db: "NVD",
            id: "CVE-2021-31893",
         },
      ],
   },
   sources: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            db: "CNVD",
            id: "CNVD-2021-54360",
         },
         {
            db: "VULMON",
            id: "CVE-2021-31893",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-012063",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202104-975",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202107-690",
         },
         {
            db: "NVD",
            id: "CVE-2021-31893",
         },
      ],
   },
   sources_release_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2021-07-24T00:00:00",
            db: "CNVD",
            id: "CNVD-2021-54360",
         },
         {
            date: "2021-07-13T00:00:00",
            db: "VULMON",
            id: "CVE-2021-31893",
         },
         {
            date: "2022-08-23T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2021-012063",
         },
         {
            date: "2021-04-13T00:00:00",
            db: "CNNVD",
            id: "CNNVD-202104-975",
         },
         {
            date: "2021-07-13T00:00:00",
            db: "CNNVD",
            id: "CNNVD-202107-690",
         },
         {
            date: "2021-07-13T11:15:09.527000",
            db: "NVD",
            id: "CVE-2021-31893",
         },
      ],
   },
   sources_update_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2022-01-18T00:00:00",
            db: "CNVD",
            id: "CNVD-2021-54360",
         },
         {
            date: "2021-07-13T00:00:00",
            db: "VULMON",
            id: "CVE-2021-31893",
         },
         {
            date: "2022-08-23T03:34:00",
            db: "JVNDB",
            id: "JVNDB-2021-012063",
         },
         {
            date: "2021-04-14T00:00:00",
            db: "CNNVD",
            id: "CNNVD-202104-975",
         },
         {
            date: "2021-08-09T00:00:00",
            db: "CNNVD",
            id: "CNNVD-202107-690",
         },
         {
            date: "2021-08-06T14:03:32.707000",
            db: "NVD",
            id: "CVE-2021-31893",
         },
      ],
   },
   threat_type: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "local",
      sources: [
         {
            db: "CNNVD",
            id: "CNNVD-202107-690",
         },
      ],
      trust: 0.6,
   },
   title: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/title#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Classic buffer overflow vulnerability in multiple Siemens products",
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2021-012063",
         },
      ],
      trust: 0.8,
   },
   type: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/type#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "other",
      sources: [
         {
            db: "CNNVD",
            id: "CNNVD-202104-975",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202107-690",
         },
      ],
      trust: 1.2,
   },
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2021-31893

Vulnerability from cvelistv5

icsa-21-194-05

Vulnerability from csaf_cisa

ICSA-21-194-05

Vulnerability from csaf_cisa

fkie_cve-2021-31893

Vulnerability from fkie_nvd

ghsa-47m5-c425-v4ww

Vulnerability from github

gsd-2021-31893

Vulnerability from gsd

var-202107-1337

Vulnerability from variot

Tags

Sightings

Nomenclature