cnvd - cnvd-2024-23525

cnvd-2024-23525

Vulnerability from cnvd

Title: Siemens SICAM产品存在未明漏洞

Description:

SICAM 8 Power automation platform是一种通用的、基于硬件和软件的一体化解决方案，适用于电源领域的所有应用。SICAM A8000 RTU（远程终端单元）系列是一个模块化设备系列，用于能源供应各个领域的遥控和自动化应用。SICAM EGS（增强型电网传感器）是配电网中本地变电站的网关。

Siemens SICAM产品存在未明漏洞，攻击者可利用该漏洞在当前进程的上下文中执行代码，或导致拒绝服务。

Severity: 高

Patch Name: Siemens SICAM产品存在未明漏洞的补丁

Patch Description:

Siemens SICAM产品存在未明漏洞，攻击者可利用该漏洞在当前进程的上下文中执行代码，或导致拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

用户可参考如下供应商提供的安全公告获得补丁信息： https://cert-portal.siemens.com/productcert/html/ssa-871704.html

Reference: https://cert-portal.siemens.com/productcert/html/ssa-871704.html

Impacted products

Name
['Siemens CPCI85 Central Processing/Communication < V5.30', 'Siemens CPC80 Central Processing/Communication < V16.41']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-31484"
    }
  },
  "description": "SICAM 8 Power automation platform\u662f\u4e00\u79cd\u901a\u7528\u7684\u3001\u57fa\u4e8e\u786c\u4ef6\u548c\u8f6f\u4ef6\u7684\u4e00\u4f53\u5316\u89e3\u51b3\u65b9\u6848\uff0c\u9002\u7528\u4e8e\u7535\u6e90\u9886\u57df\u7684\u6240\u6709\u5e94\u7528\u3002SICAM A8000 RTU\uff08\u8fdc\u7a0b\u7ec8\u7aef\u5355\u5143\uff09\u7cfb\u5217\u662f\u4e00\u4e2a\u6a21\u5757\u5316\u8bbe\u5907\u7cfb\u5217\uff0c\u7528\u4e8e\u80fd\u6e90\u4f9b\u5e94\u5404\u4e2a\u9886\u57df\u7684\u9065\u63a7\u548c\u81ea\u52a8\u5316\u5e94\u7528\u3002SICAM EGS\uff08\u589e\u5f3a\u578b\u7535\u7f51\u4f20\u611f\u5668\uff09\u662f\u914d\u7535\u7f51\u4e2d\u672c\u5730\u53d8\u7535\u7ad9\u7684\u7f51\u5173\u3002\n\nSiemens SICAM\u4ea7\u54c1\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5f53\u524d\u8fdb\u7a0b\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4ee3\u7801\uff0c\u6216\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a \r\nhttps://cert-portal.siemens.com/productcert/html/ssa-871704.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-23525",
  "openTime": "2024-05-24",
  "patchDescription": "SICAM 8 Power automation platform\u662f\u4e00\u79cd\u901a\u7528\u7684\u3001\u57fa\u4e8e\u786c\u4ef6\u548c\u8f6f\u4ef6\u7684\u4e00\u4f53\u5316\u89e3\u51b3\u65b9\u6848\uff0c\u9002\u7528\u4e8e\u7535\u6e90\u9886\u57df\u7684\u6240\u6709\u5e94\u7528\u3002SICAM A8000 RTU\uff08\u8fdc\u7a0b\u7ec8\u7aef\u5355\u5143\uff09\u7cfb\u5217\u662f\u4e00\u4e2a\u6a21\u5757\u5316\u8bbe\u5907\u7cfb\u5217\uff0c\u7528\u4e8e\u80fd\u6e90\u4f9b\u5e94\u5404\u4e2a\u9886\u57df\u7684\u9065\u63a7\u548c\u81ea\u52a8\u5316\u5e94\u7528\u3002SICAM EGS\uff08\u589e\u5f3a\u578b\u7535\u7f51\u4f20\u611f\u5668\uff09\u662f\u914d\u7535\u7f51\u4e2d\u672c\u5730\u53d8\u7535\u7ad9\u7684\u7f51\u5173\u3002\r\n\r\nSiemens SICAM\u4ea7\u54c1\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5f53\u524d\u8fdb\u7a0b\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4ee3\u7801\uff0c\u6216\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Siemens SICAM\u4ea7\u54c1\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Siemens CPCI85 Central Processing/Communication \u003c V5.30",
      "Siemens CPC80 Central Processing/Communication \u003c V16.41"
    ]
  },
  "referenceLink": "https://cert-portal.siemens.com/productcert/html/ssa-871704.html",
  "serverity": "\u9ad8",
  "submitTime": "2024-05-16",
  "title": "Siemens SICAM\u4ea7\u54c1\u5b58\u5728\u672a\u660e\u6f0f\u6d1e"
}

CVE-2024-31484 (GCVE-0-2024-31484)

Vulnerability from cvelistv5

Published

2024-05-14 10:02

Modified

2025-02-13 17:47

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-170 - Improper Null Termination

Summary

A vulnerability has been identified in CPC80 Central Processing/Communication (All versions < V16.41), CPCI85 Central Processing/Communication (All versions < V5.30), CPCX26 Central Processing/Communication (All versions < V06.02), ETA4 Ethernet Interface IEC60870-5-104 (All versions < V10.46), ETA5 Ethernet Int. 1x100TX IEC61850 Ed.2 (All versions < V03.27), PCCX26 Ax 1703 PE, Contr, Communication Element (All versions < V06.05). The affected devices contain an improper null termination vulnerability while parsing a specific HTTP header. This could allow an attacker to execute code in the context of the current process or lead to denial of service condition.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/html/ssa-871704.html
	https://cert-portal.siemens.com/productcert/html/ssa-620338.html
	http://seclists.org/fulldisclosure/2024/Jul/4

Impacted products

Vendor

Product

Version

▼

Siemens

CPC80 Central Processing/Communication

Version: 0 < V16.41

Siemens	CPCI85 Central Processing/Communication	Version: 0 < V5.30
Siemens	CPCX26 Central Processing/Communication	Version: 0 < V06.02
Siemens	ETA4 Ethernet Interface IEC60870-5-104	Version: 0 < V10.46
Siemens	ETA5 Ethernet Int. 1x100TX IEC61850 Ed.2	Version: 0 < V03.27
Siemens	PCCX26 Ax 1703 PE, Contr, Communication Element	Version: 0 < V06.05

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:siemens:cpc80_central_processing\\/communication:16.41:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "cpc80_central_processing\\/communication",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "16.41",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:siemens:cpci85_central_processing\\/communication:5.30:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "cpci85_central_processing\\/communication",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "5.30",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-31484",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-28T19:54:51.490746Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:36:20.360Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-11-27T21:02:39.703Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-871704.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-620338.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Jul/4"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2024/Nov/18"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "CPC80 Central Processing/Communication",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V16.41",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "CPCI85 Central Processing/Communication",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V5.30",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "CPCX26 Central Processing/Communication",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V06.02",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "ETA4 Ethernet Interface IEC60870-5-104",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V10.46",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "ETA5 Ethernet Int. 1x100TX IEC61850 Ed.2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V03.27",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "PCCX26 Ax 1703 PE, Contr, Communication Element",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V06.05",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in CPC80 Central Processing/Communication (All versions \u003c V16.41), CPCI85 Central Processing/Communication (All versions \u003c V5.30), CPCX26 Central Processing/Communication (All versions \u003c V06.02), ETA4 Ethernet Interface IEC60870-5-104 (All versions \u003c V10.46), ETA5 Ethernet Int. 1x100TX IEC61850 Ed.2 (All versions \u003c V03.27), PCCX26 Ax 1703 PE, Contr, Communication Element (All versions \u003c V06.05). The affected devices contain an improper null termination vulnerability while parsing a specific HTTP header. This could allow an attacker to execute code in the context of the current process or lead to denial of service condition."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-170",
              "description": "CWE-170: Improper Null Termination",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-04T06:06:04.302Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-871704.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-620338.html"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2024/Jul/4"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-31484",
    "datePublished": "2024-05-14T10:02:23.871Z",
    "dateReserved": "2024-04-04T11:43:06.066Z",
    "dateUpdated": "2025-02-13T17:47:58.073Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted