Lucene search

[email protected]CVE-2021-40360

HistoryFeb 09, 2022 - 4:15 p.m.

CVE-2021-40360

2022-02-0916:15:13

CWE-522

CWE-200

[email protected]

web.nvd.nist.gov

cve-2021-40360

simatic pcs 7

simatic wincc

vulnerability

password hash

remote server

api

brute force

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.1%

JSON

A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The password hash of a local user account in the remote server could be granted via public API to a user on the affected system. An authenticated attacker could brute force the password hash and use it to login to the server.

Affected configurations

NVD

Node

siemenssimatic_pcs_7Range≤8.2

siemenssimatic_pcs_7Match9.0-

siemenssimatic_pcs_7Match9.1-

siemenssimatic_winccRange<7.4

siemenssimatic_winccMatch7.4-

siemenssimatic_winccMatch7.4sp1

siemenssimatic_winccMatch7.4sp1_update1

siemenssimatic_winccMatch7.4sp1_update10

siemenssimatic_winccMatch7.4sp1_update11

siemenssimatic_winccMatch7.4sp1_update12

siemenssimatic_winccMatch7.4sp1_update13

siemenssimatic_winccMatch7.4sp1_update14

siemenssimatic_winccMatch7.4sp1_update15

siemenssimatic_winccMatch7.4sp1_update16

siemenssimatic_winccMatch7.4sp1_update17

siemenssimatic_winccMatch7.4sp1_update18

siemenssimatic_winccMatch7.4sp1_update2

siemenssimatic_winccMatch7.4sp1_update3

siemenssimatic_winccMatch7.4sp1_update4

siemenssimatic_winccMatch7.4sp1_update5

siemenssimatic_winccMatch7.4sp1_update6

siemenssimatic_winccMatch7.4sp1_update7

siemenssimatic_winccMatch7.4sp1_update8

siemenssimatic_winccMatch7.4sp1_update9

siemenssimatic_winccMatch7.5-

siemenssimatic_winccMatch7.5sp1

siemenssimatic_winccMatch7.5sp1_update1

siemenssimatic_winccMatch7.5sp1_update2

siemenssimatic_winccMatch7.5sp2

siemenssimatic_winccMatch7.5sp2_update1

siemenssimatic_winccMatch7.5sp2_update2

siemenssimatic_winccMatch7.5sp2_update3

siemenssimatic_winccMatch7.5sp2_update4

siemenssimatic_winccMatch7.5sp2_update5

siemenssimatic_winccMatch13-

siemenssimatic_winccMatch13sp1

siemenssimatic_winccMatch13sp2

siemenssimatic_winccMatch14.0.1

siemenssimatic_winccMatch15

siemenssimatic_winccMatch15.1-

siemenssimatic_winccMatch15.1update_1

siemenssimatic_winccMatch15.1update_2

siemenssimatic_winccMatch15.1update_3

siemenssimatic_winccMatch15.1update_4

siemenssimatic_winccMatch15.1update_5

siemenssimatic_winccMatch15.1update_6

siemenssimatic_winccMatch16-

siemenssimatic_winccMatch16update1

siemenssimatic_winccMatch16update2

siemenssimatic_winccMatch16update3

siemenssimatic_winccMatch16update4

siemenssimatic_winccMatch17-

siemenssimatic_winccMatch17update1

CPENameOperatorVersion
siemens:simatic_pcs_7siemens simatic pcs 7le8.2
siemens:simatic_pcs_7siemens simatic pcs 7eq9.0
siemens:simatic_pcs_7siemens simatic pcs 7eq9.1
siemens:simatic_winccsiemens simatic wincclt7.4
siemens:simatic_winccsiemens simatic wincceq7.5
siemens:simatic_winccsiemens simatic wincceq13
siemens:simatic_winccsiemens simatic wincceq14.0.1
siemens:simatic_winccsiemens simatic wincceq15
siemens:simatic_winccsiemens simatic wincceq15.1
siemens:simatic_winccsiemens simatic wincceq16

CPE	Name	Operator	Version
siemens:simatic_pcs_7	siemens simatic pcs 7	le	8.2
siemens:simatic_pcs_7	siemens simatic pcs 7	eq	9.0
siemens:simatic_pcs_7	siemens simatic pcs 7	eq	9.1
siemens:simatic_wincc	siemens simatic wincc	lt	7.4
siemens:simatic_wincc	siemens simatic wincc	eq	7.5
siemens:simatic_wincc	siemens simatic wincc	eq	13
siemens:simatic_wincc	siemens simatic wincc	eq	14.0.1
siemens:simatic_wincc	siemens simatic wincc	eq	15
siemens:simatic_wincc	siemens simatic wincc	eq	15.1
siemens:simatic_wincc	siemens simatic wincc	eq	16

Rows per page:

1-10 of 111

CNA Affected

[
  {
    "product": "SIMATIC PCS 7 V8.2",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SIMATIC PCS 7 V9.0",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SIMATIC PCS 7 V9.1",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V9.1 SP1"
      }
    ]
  },
  {
    "product": "SIMATIC WinCC V15 and earlier",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V15 SP1 Update 7"
      }
    ]
  },
  {
    "product": "SIMATIC WinCC V16",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V16 Update 5"
      }
    ]
  },
  {
    "product": "SIMATIC WinCC V17",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V17 Update 2"
      }
    ]
  },
  {
    "product": "SIMATIC WinCC V7.4",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V7.4 SP1 Update 19"
      }
    ]
  },
  {
    "product": "SIMATIC WinCC V7.5",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V7.5 SP2 Update 6"
      }
    ]
  }
]

References

cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.1%

JSON

Related for CVE-2021-40360

cnvd1 nvd1 cvelist1 prion1 ics1