cnvd - cnvd-2024-17302

cnvd-2024-17302

Vulnerability from cnvd

Title: Siemens SIMATIC WinCC拒绝服务漏洞（CNVD-2024-17302）

Description:

SIMATIC PCS 7是一套过程控制系统。SIMATIC WinCC是一套自动化的数据采集与监控（SCADA）系统。SIMATIC WinCC Runtime Professional是用于操作员的可视化运行时平台机器和设备的控制和监控。

Siemens SIMATIC WinCC存在拒绝服务漏洞，该漏洞是由于受影响的产品无法正确验证登录对话框中提供的输入。攻击者可利用此漏洞造成拒绝服务。

Severity: 中

Patch Name: Siemens SIMATIC WinCC拒绝服务漏洞（CNVD-2024-17302）的补丁

Patch Description:

Siemens SIMATIC WinCC存在拒绝服务漏洞，该漏洞是由于受影响的产品无法正确验证登录对话框中提供的输入。攻击者可利用此漏洞造成拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

用户可参考如下供应商提供的安全公告获得补丁信息： https://cert-portal.siemens.com/productcert/html/ssa-730482.html

Reference: https://cert-portal.siemens.com/productcert/html/ssa-730482.html

Impacted products

Name
['Siemens SIMATIC PCS 7 V9.1 < V9.1 SP2 UC04', 'Siemens SIMATIC WinCC Runtime Professional V17', 'Siemens SIMATIC WinCC Runtime Professional V18', 'Siemens SIMATIC WinCC Runtime Professional V19', 'Siemens SIMATIC WinCC V7.5 < V7.5 SP2 Update 16', 'Siemens SIMATIC WinCC V8.0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2023-50821"
    }
  },
  "description": "SIMATIC PCS 7\u662f\u4e00\u5957\u8fc7\u7a0b\u63a7\u5236\u7cfb\u7edf\u3002SIMATIC WinCC\u662f\u4e00\u5957\u81ea\u52a8\u5316\u7684\u6570\u636e\u91c7\u96c6\u4e0e\u76d1\u63a7\uff08SCADA\uff09\u7cfb\u7edf\u3002SIMATIC WinCC Runtime Professional\u662f\u7528\u4e8e\u64cd\u4f5c\u5458\u7684\u53ef\u89c6\u5316\u8fd0\u884c\u65f6\u5e73\u53f0\u673a\u5668\u548c\u8bbe\u5907\u7684\u63a7\u5236\u548c\u76d1\u63a7\u3002\n\nSiemens SIMATIC WinCC\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u53d7\u5f71\u54cd\u7684\u4ea7\u54c1\u65e0\u6cd5\u6b63\u786e\u9a8c\u8bc1\u767b\u5f55\u5bf9\u8bdd\u6846\u4e2d\u63d0\u4f9b\u7684\u8f93\u5165\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://cert-portal.siemens.com/productcert/html/ssa-730482.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-17302",
  "openTime": "2024-04-10",
  "patchDescription": "SIMATIC PCS 7\u662f\u4e00\u5957\u8fc7\u7a0b\u63a7\u5236\u7cfb\u7edf\u3002SIMATIC WinCC\u662f\u4e00\u5957\u81ea\u52a8\u5316\u7684\u6570\u636e\u91c7\u96c6\u4e0e\u76d1\u63a7\uff08SCADA\uff09\u7cfb\u7edf\u3002SIMATIC WinCC Runtime Professional\u662f\u7528\u4e8e\u64cd\u4f5c\u5458\u7684\u53ef\u89c6\u5316\u8fd0\u884c\u65f6\u5e73\u53f0\u673a\u5668\u548c\u8bbe\u5907\u7684\u63a7\u5236\u548c\u76d1\u63a7\u3002\r\n\r\nSiemens SIMATIC WinCC\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u53d7\u5f71\u54cd\u7684\u4ea7\u54c1\u65e0\u6cd5\u6b63\u786e\u9a8c\u8bc1\u767b\u5f55\u5bf9\u8bdd\u6846\u4e2d\u63d0\u4f9b\u7684\u8f93\u5165\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Siemens SIMATIC WinCC\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2024-17302\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Siemens SIMATIC PCS 7 V9.1 \u003c V9.1 SP2 UC04",
      "Siemens SIMATIC WinCC Runtime Professional V17",
      "Siemens SIMATIC WinCC Runtime Professional V18",
      "Siemens SIMATIC WinCC Runtime Professional V19",
      "Siemens SIMATIC WinCC V7.5 \u003c V7.5 SP2 Update 16",
      "Siemens SIMATIC WinCC V8.0"
    ]
  },
  "referenceLink": "https://cert-portal.siemens.com/productcert/html/ssa-730482.html",
  "serverity": "\u4e2d",
  "submitTime": "2024-04-10",
  "title": "Siemens SIMATIC WinCC\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2024-17302\uff09"
}

CVE-2023-50821 (GCVE-0-2023-50821)

Vulnerability from cvelistv5

Published

2024-04-09 08:34

Modified

2025-02-26 18:41

Severity ?

6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
6.9 (Medium) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CWE

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Summary

A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC04), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 1), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 16), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5). The affected products do not properly validate the input provided in the login dialog box. An attacker could leverage this vulnerability to cause a persistent denial of service condition.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/html/ssa-730482.html

Impacted products

Vendor

Product

Version

▼

Siemens

SIMATIC PCS 7 V9.1

Version: 0 < V9.1 SP2 UC04

Siemens	SIMATIC WinCC Runtime Professional V17	Version: 0 < V17 Update 8
Siemens	SIMATIC WinCC Runtime Professional V18	Version: 0 < V18 Update 4
Siemens	SIMATIC WinCC Runtime Professional V19	Version: 0 < V19 Update 1
Siemens	SIMATIC WinCC V7.5	Version: 0 < V7.5 SP2 Update 16
Siemens	SIMATIC WinCC V8.0	Version: 0 < V8.0 Update 5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T22:23:44.213Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-730482.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-50821",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-12T13:48:36.486525Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-26T18:41:29.599Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC PCS 7 V9.1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V9.1 SP2 UC04",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC Runtime Professional V17",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V17 Update 8",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC Runtime Professional V18",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V18 Update 4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC Runtime Professional V19",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V19 Update 1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC V7.5",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.5 SP2 Update 16",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC V8.0",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0 Update 5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP2 UC04), SIMATIC WinCC Runtime Professional V17 (All versions \u003c V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions \u003c V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions \u003c V19 Update 1), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 16), SIMATIC WinCC V8.0 (All versions \u003c V8.0 Update 5). The affected products do not properly validate the input provided in the login dialog box. An attacker could leverage this vulnerability to cause a persistent denial of service condition."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-14T10:29:58.380Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-730482.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2023-50821",
    "datePublished": "2024-04-09T08:34:35.452Z",
    "dateReserved": "2023-12-14T15:44:45.770Z",
    "dateUpdated": "2025-02-26T18:41:29.599Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted