cnvd-2023-86590
Vulnerability from cnvd
Title: Unsynchronized Access to Shared Data in a Multithreaded Context Vulnerability in Multiple Siemens Products
Description:
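SCALANCE M-800, MUM-800 and S615, as well as RUGGEDCOM RM1224, are industrial routers. SCALANCE W products are wireless communication devices used to connect industrial components such as programmable logic controllers (PLCs) or human-machine interfaces (HMIs), and comply with the IEEE 802.11 standard (802.11ac, 802.11a/b/g/h and/or 802.11n). SCALANCE W-1700 products are wireless communication devices based on the IEEE 802.11ac standard. They are used to connect all kinds of WLAN devices (access points or clients, depending on the operating mode), with a focus on industrial components such as programmable logic controllers (PLCs) or human-machine interfaces (HMIs). SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) or human-machine interfaces (HMIs).
Multiple Siemens products contain an unsynchronized access to shared data in a multithreaded context vulnerability. An attacker can exploit it to change the password of another, potentially administrative, user, resulting in privilege escalation.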
Severity: Medium
Patch Name: Patch for the Unsynchronized Access to Shared Data in a Multithreaded Context Vulnerability in Multiple Siemens Products
Patch Description:
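SCALANCE M-800, MUM-800 and S615, as well as RUGGEDCOM RM1224, are industrial routers. SCALANCE W products are wireless communication devices used to connect industrial components such as programmable logic controllers (PLCs) or human-machine interfaces (HMIs), and comply with the IEEE 802.11 standard (802.11ac, 802.11a/b/g/h and/or 802.11n). SCALANCE W-1700 products are wireless communication devices based on the IEEE 802.11ac standard. They are used to connect all kinds of WLAN devices (access points or clients, depending on the operating mode), with a focus on industrial components such as programmable logic controllers (PLCs) or human-machine interfaces (HMIs). SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) or human-machine interfaces (HMIs).
Multiple Siemens products contain an unsynchronized access to shared data in a multithreaded context vulnerability. An attacker can exploit it to change the password of another, potentially administrative, user, resulting in privilege escalation. The vendor has since published a security advisory and related patch information that fixes this vulnerability.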
Formal description:
The vendor has released a fix for this vulnerability; please watch for updates: https://cert-portal.siemens.com/productcert/html/ssa-699386.html
Reference: https://cert-portal.siemens.com/productcert/html/ssa-699386.html
Name |
---|
Siemens SCALANCE XC216EEC <4.5 |
Siemens SCALANCE XC224 <4.5 |
Siemens SCALANCE XC224-4C G <4.5 |
Siemens SCALANCE XC224-4C G EEC <4.5 |
Siemens SCALANCE XF204 <4.5 |
Siemens SCALANCE XF204 DNA <4.5 |
Siemens SCALANCE XF204-2BA <4.5 |
Siemens SCALANCE XF204-2BA DNA <4.5 |
Siemens SCALANCE XP208 <4.5 |
Siemens SCALANCE XP208EEC <4.5 |
Siemens SCALANCE XP208PoE EEC <4.5 |
Siemens SCALANCE XP216 <4.5 |
Siemens SCALANCE XP216EEC <4.5 |
Siemens SCALANCE XP216POE EEC <4.5 |
Siemens SCALANCE XR324WG <4.5 |
Siemens SCALANCE XR326-2C PoE WG <4.5 |
Siemens SCALANCE XR328-4C WG <4.5 |
Siemens SIPLUS NET SCALANCE XC206-2 <4.5 |
Siemens SIPLUS NET SCALANCE XC206-2SFP <4.5 |
Siemens SIPLUS NET SCALANCE XC208 <4.5 |
Siemens SIPLUS NET SCALANCE XC216-4C <4.5 |
Siemens SCALANCE XC206-2G PoE <4.5 |
Siemens SCALANCE XC206-2G PoE EEC <4.5 |
Siemens SCALANCE XC206-2SFP <4.5 |
Siemens SCALANCE XC206-2SFP EEC <4.5 |
Siemens SCALANCE XC206-2SFP G <4.5 |
Siemens SCALANCE XC208EEC <4.5 |
Siemens SCALANCE XC208G <4.5 |
Siemens SCALANCE XC208G EEC <4.5 |
Siemens SCALANCE XC208G PoE <4.5 |
Siemens SCALANCE XC216 <4.5 |
Siemens SCALANCE XC216-3G PoE <4.5 |
Siemens SCALANCE XC216-4C <4.5 |
Siemens SCALANCE XC216-4C G <4.5 |
Siemens SCALANCE XC216-4C G EEC <4.5 |
Siemens SCALANCE XB205-3 <4.5 |
Siemens SCALANCE XB205-3LD <4.5 |
Siemens SCALANCE XB208 <4.5 |
Siemens SCALANCE XB213-3 <4.5 |
Siemens SCALANCE XB213-3LD <4.5 |
Siemens SCALANCE XB216 <4.5 |
Siemens SCALANCE XC206-2 <4.5 |
CVE: CVE-2023-44374
Number: CNVD-2023-86590
Type: General software/hardware vulnerability
Open time: 2023-11-15
Submit time: 2023-11-15
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.