var-202301-0605
Vulnerability from variot

Affected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary code. Multiple Siemens products contain unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SIMATIC drive controllers are designed for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 MFP CPU provides the functions of standard S7-1500 CPU, and can run C/C++ codes in CPU runtime to execute functions/algorithms realized in C/C++. The SIMATIC S7-1500 ODK CPU provides the functionality of a standard S7-1500 CPU, but also offers the possibility to run C/C++ code while the CPU is running, to execute own functions/algorithms implemented in C/C++. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202301-0605",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "siplus s7-1500 cpu pn/dp",
        "scope": "eq",
        "trust": 3.6,
        "vendor": "siemens",
        "version": "1516-3"
      },
      {
        "model": "siplus s7-1500 cpu pn",
        "scope": "eq",
        "trust": 3.0,
        "vendor": "siemens",
        "version": "1511-1"
      },
      {
        "model": "siplus s7-1500 cpu pn",
        "scope": "eq",
        "trust": 3.0,
        "vendor": "siemens",
        "version": "1513-1"
      },
      {
        "model": "siplus s7-1500 cpu 1516f-3 pn/dp",
        "scope": null,
        "trust": 1.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1513f-1 pn",
        "scope": null,
        "trust": 1.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1511f-1 pn",
        "scope": null,
        "trust": 1.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cpu 1512sp f-1 pn",
        "scope": null,
        "trust": 1.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1515f-2 pn",
        "scope": null,
        "trust": 1.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu pn/dp",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "1516-3"
      },
      {
        "model": "simatic s7-1500 cpu 1516f-3 pn/dp",
        "scope": null,
        "trust": 1.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu pn",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "1513-1"
      },
      {
        "model": "simatic s7-1500 cpu 1513f-1 pn",
        "scope": null,
        "trust": 1.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu pn",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "1515-2"
      },
      {
        "model": "simatic s7-1500 cpu pn",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "1511-1"
      },
      {
        "model": "simatic s7-1500 cpu 1511f-1 pn",
        "scope": null,
        "trust": 1.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1516f-3 pn/dp rail",
        "scope": null,
        "trust": 1.2,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1515f-2 pn",
        "scope": null,
        "trust": 1.2,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cpu 1512sp f-1 pn rail",
        "scope": null,
        "trust": 1.2,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cpu 1512sp-1 pn rail",
        "scope": null,
        "trust": 1.2,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu pn t1 rail",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "siemens",
        "version": "1511-1"
      },
      {
        "model": "siplus s7-1500 cpu pn tx rail",
        "scope": "eq",
        "trust": 1.2,
        "vendor": "siemens",
        "version": "1511-1"
      },
      {
        "model": "siplus et 200sp cpu 1510sp-1 pn",
        "scope": null,
        "trust": 1.2,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cpu 1510sp-1 pn rail",
        "scope": null,
        "trust": 1.2,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1512c-1 pn",
        "scope": null,
        "trust": 1.2,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1512sp f-1 pn",
        "scope": null,
        "trust": 1.2,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1512sp-1 pn",
        "scope": null,
        "trust": 1.2,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1510sp f-1 pn",
        "scope": null,
        "trust": 1.2,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1510sp-1 pn",
        "scope": null,
        "trust": 1.2,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1511c-1 pn",
        "scope": null,
        "trust": 1.2,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1517h-3 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1511f-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1516t-3 pn\\/dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1511-1 pn tx rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1515r-2 pn tx rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1516-3 pn\\/dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1513-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1515tf-2 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1516tf-3 pn\\/dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1513pro-2 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1513-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1511f-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1518-4 pn\\/dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cpu 1510sp-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1518t-4 pn\\/dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1511-1 pn t1 rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1516-3 pn\\/dp rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1512sp f-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1513f-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1518f-4 pn\\/dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1515t-2 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cpu 1512sp f-1 pn rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cpu 1512sp f-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1518-4f pn\\/dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu s7-1518-4 pn\\/dp odk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1511-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1510sp-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1511tf-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1517f-3 pn\\/dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1518-4 pn\\/dp mfp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu s7-1518f-4 pn\\/dp odk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1515r-2 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1518tf-4 pn\\/dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1518-4 pn\\/dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1515f-2 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1518f-4 pn\\/dp mfp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1511c-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1516pro f-2 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1515f-2 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1511-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1515f-2 pn t2 rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1516f-3 pn\\/dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1517t-3 pn\\/dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1515r-2 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1516pro-2 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1516-3 pn\\/dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic drive controller cpu 1507d tf",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1511t-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1512sp-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic drive controller cpu 1504d tf",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cpu 1512sp-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cpu 1510sp f-1 pn rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1512c-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1516-3 pn\\/dp tx rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1516f-3 pn\\/dp rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1513f-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1517-3 pn\\/dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1513pro f-2 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cpu 1510sp f-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cpu 1510sp-1 pn rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1518-4 pn\\/dp mfp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1513r-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cpu 1512sp-1 pn rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1510sp f-1 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1517h-3 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1516f-3 pn\\/dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1515f-2 pn rail",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1515-2 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1517tf-3 pn\\/dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1518hf-4 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1510sp-1 pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic drive controller cpu 1507d tf",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1511t-1 pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1510sp f-1 pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1512c-1 pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1511tf-1 pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1511c-1 pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1511f-1 pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic drive controller cpu 1504d tf",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1511-1 pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1517h-3 pn",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu pn/dp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1518-4"
      },
      {
        "model": "siplus s7-1500 cpu pn/dp mfp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1518-4"
      },
      {
        "model": "siplus s7-1500 cpu 1518f-4 pn/dp",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1515f-2 pn rail",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1515f-2 pn t2 rail",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1515r-2 pn",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu 1515r-2 pn tx rail",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus s7-1500 cpu pn/dp rail",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1516-3"
      },
      {
        "model": "siplus s7-1500 cpu pn/dp tx rail",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1516-3"
      },
      {
        "model": "siplus et 200sp cpu 1512sp-1 pn",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1518-4f pn/dp",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1518f-4 pn/dp mfp",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1518hf-4 pn",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1518t-4 pn/dp",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1518tf-4 pn/dp",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu s7-1518-4 pn/dp odk",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu s7-1518f-4 pn/dp odk",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 et 200pro: cpu 1513pro f-2 pn",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 et 200pro: cpu 1513pro-2 pn",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 et 200pro: cpu 1516pro f-2 pn",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 et 200pro: cpu 1516pro-2 pn",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cpu 1510sp f-1 pn",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus et 200sp cpu 1510sp f-1 pn rail",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1516tf-3 pn/dp",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu pn/dp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1517-3"
      },
      {
        "model": "simatic s7-1500 cpu 1517f-3 pn/dp",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1517h-3 pn",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1517t-3 pn/dp",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1517tf-3 pn/dp",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu pn/dp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1518-4"
      },
      {
        "model": "simatic s7-1500 cpu pn/dp mfp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1518-4"
      },
      {
        "model": "simatic s7-1500 cpu 1515r-2 pn",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1515t-2 pn",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1515tf-2 pn",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1516t-3 pn/dp",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1513r-1 pn",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic drive controller cpu 1504d tf",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic drive controller cpu 1507d tf",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1511t-1 pn",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1511tf-1 pn",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-02703"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-001811"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-38773"
      }
    ]
  },
  "cve": "CVE-2022-38773",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2023-02703",
            "impactScore": 6.9,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 0.9,
            "id": "CVE-2022-38773",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "author": "productcert@siemens.com",
            "availabilityImpact": "NONE",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 0.9,
            "id": "CVE-2022-38773",
            "impactScore": 3.6,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Physical",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 6.8,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2022-38773",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2022-38773",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2022-38773",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2022-38773",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2023-02703",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202301-655",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-02703"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-001811"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-655"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-38773"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-38773"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Affected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary code. Multiple Siemens products contain unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SIMATIC drive controllers are designed for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 MFP CPU provides the functions of standard S7-1500 CPU, and can run C/C++ codes in CPU runtime to execute functions/algorithms realized in C/C++. The SIMATIC S7-1500 ODK CPU provides the functionality of a standard S7-1500 CPU, but also offers the possibility to run C/C++ code while the CPU is running, to execute own functions/algorithms implemented in C/C++. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-38773"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-001811"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2023-02703"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-38773",
        "trust": 3.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-482757",
        "trust": 2.2
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-23-012-08",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU90782730",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-001811",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2023-02703",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2023.0216",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-655",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-02703"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-001811"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-655"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-38773"
      }
    ]
  },
  "id": "VAR-202301-0605",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-02703"
      }
    ],
    "trust": 1.3473338347368422
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-02703"
      }
    ]
  },
  "last_update_date": "2024-08-14T12:19:37.106000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-482757",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-482757.pdf"
      },
      {
        "title": "Patch for Siemens S7-1500 CPU devices have unknown vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/397271"
      },
      {
        "title": "Siemens SIMATIC S7-1500 Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=221641"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-02703"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-001811"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-655"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-1326",
        "trust": 1.0
      },
      {
        "problemtype": "others (CWE-Other) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-001811"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-38773"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-482757.html"
      },
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-482757.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu90782730/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-38773"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-012-08"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2023.0216"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-38773/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-02703"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-001811"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-655"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-38773"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-02703"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-001811"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-655"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-38773"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-01-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2023-02703"
      },
      {
        "date": "2023-05-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-001811"
      },
      {
        "date": "2023-01-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202301-655"
      },
      {
        "date": "2023-01-10T12:15:23.103000",
        "db": "NVD",
        "id": "CVE-2022-38773"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-01-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2023-02703"
      },
      {
        "date": "2023-05-16T04:57:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-001811"
      },
      {
        "date": "2023-01-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202301-655"
      },
      {
        "date": "2024-06-11T09:15:11.087000",
        "db": "NVD",
        "id": "CVE-2022-38773"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerabilities in multiple Siemens products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-001811"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202301-655"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.