Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2023-27465
HistoryJun 13, 2023 - 9:15 a.m.

CVE-2023-27465

2023-06-1309:15:16
CWE-213
CWE-200
[email protected]
web.nvd.nist.gov
13
cve-2023-27465
simotion
vulnerability
unauthenticated access
debugging services
nvd
technology object configuration
security level low

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

4.6 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.4%

JSON

A vulnerability has been identified in SIMOTION C240 (All versions >= V5.4 < V5.5 SP1), SIMOTION C240 PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D425-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D425-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D435-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D435-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D445-2 DP/PN (All versions >= V5.4), SIMOTION D445-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D455-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION P320-4 E (All versions >= V5.4), SIMOTION P320-4 S (All versions >= V5.4). When operated with Security Level Low the device does not protect access to certain services relevant for debugging. This could allow an unauthenticated attacker to extract confidential technology object (TO) configuration from the device.

Affected configurations

NVD
Node
siemenssimotion_d425-2_dpMatch-
AND
siemenssimotion_d425-2_dp_firmwareRange5.45.5
OR
siemenssimotion_d425-2_dp_firmwareMatch5.5-
Node
siemenssimotion_d425-2_dp\/pnMatch-
AND
siemenssimotion_d425-2_dp\/pn_firmwareRange5.45.5
OR
siemenssimotion_d425-2_dp\/pn_firmwareMatch5.5-
Node
siemenssimotion_d435-2_dp_firmwareRange5.45.5
OR
siemenssimotion_d435-2_dp_firmwareMatch5.5-
AND
siemenssimotion_d435-2_dpMatch-
Node
siemenssimotion_d435-2_dp\/pn_firmwareRange5.45.5
OR
siemenssimotion_d435-2_dp\/pn_firmwareMatch5.5-
AND
siemenssimotion_d435-2_dp\/pnMatch-
Node
siemenssimotion_d445-2_dp\/pn_\(0aa1\)_firmwareRange5.45.5
OR
siemenssimotion_d445-2_dp\/pn_\(0aa1\)_firmwareMatch5.5-
AND
siemenssimotion_d445-2_dp\/pn_\(0aa1\)Match-
Node
siemenssimotion_d445-2_dp\/pn_\(0aa0\)_firmwareMatch5.4
AND
siemenssimotion_d445-2_dp\/pn_\(0aa0\)Match-
Node
siemenssimotion_d455-2_dp\/pn_firmwareRange5.45.5
OR
siemenssimotion_d455-2_dp\/pn_firmwareMatch5.5-
AND
siemenssimotion_d455-2_dp\/pnMatch-
Node
siemenssimotion_p320-4_eMatch-
AND
siemenssimotion_p320-4_e_firmwareMatch5.4
Node
siemenssimotion_p320-4_sMatch-
AND
siemenssimotion_p320-4_s_firmwareMatch5.4
Node
siemenssimotion_d410-2_dpMatch-
AND
siemenssimotion_d410-2_dp_firmwareRange5.45.5
OR
siemenssimotion_d410-2_dp_firmwareMatch5.5-
Node
siemenssimotion_d410-2_dp\/pnMatch-
AND
siemenssimotion_d410-2_dp\/pn_firmwareRange5.45.5
OR
siemenssimotion_d410-2_dp\/pn_firmwareMatch5.5-
Node
siemenssimotion_c240_pnMatch-
AND
siemenssimotion_c240_pn_firmwareRange5.45.5
OR
siemenssimotion_c240_pn_firmwareMatch5.5-
Node
siemenssimotion_c240Match-
AND
siemenssimotion_c240_firmwareRange5.45.5
OR
siemenssimotion_c240_firmwareMatch5.5-

CNA Affected

[
  {
    "vendor": "Siemens",
    "product": "SIMOTION C240",
    "versions": [
      {
        "version": "All versions >= V5.4 < V5.5 SP1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMOTION C240 PN",
    "versions": [
      {
        "version": "All versions >= V5.4 < V5.5 SP1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMOTION D410-2 DP",
    "versions": [
      {
        "version": "All versions >= V5.4 < V5.5 SP1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMOTION D410-2 DP/PN",
    "versions": [
      {
        "version": "All versions >= V5.4 < V5.5 SP1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMOTION D425-2 DP",
    "versions": [
      {
        "version": "All versions >= V5.4 < V5.5 SP1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMOTION D425-2 DP/PN",
    "versions": [
      {
        "version": "All versions >= V5.4 < V5.5 SP1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMOTION D435-2 DP",
    "versions": [
      {
        "version": "All versions >= V5.4 < V5.5 SP1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMOTION D435-2 DP/PN",
    "versions": [
      {
        "version": "All versions >= V5.4 < V5.5 SP1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMOTION D445-2 DP/PN",
    "versions": [
      {
        "version": "All versions >= V5.4",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMOTION D445-2 DP/PN",
    "versions": [
      {
        "version": "All versions >= V5.4 < V5.5 SP1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMOTION D455-2 DP/PN",
    "versions": [
      {
        "version": "All versions >= V5.4 < V5.5 SP1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMOTION P320-4 E",
    "versions": [
      {
        "version": "All versions >= V5.4",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMOTION P320-4 S",
    "versions": [
      {
        "version": "All versions >= V5.4",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Related

prion 1
ics 1
nvd 1
cvelist 1
cnvd 1
prion
prion
Design/Logic Flaw
2023-06-13 09:15:00
ics
ics
Siemens SIMOTION
2023-06-15 12:00:00
nvd
nvd
CVE-2023-27465
2023-06-13 09:15:16
cvelist
cvelist
CVE-2023-27465
2023-06-13 08:17:06
cnvd
cnvd
Siemens SIMOTION and SIMOTION P320 Information Disclosure Vulnerability
2023-06-14 00:00:00

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

4.6 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.4%

JSON
Related for CVE-2023-27465
prion1ics1nvd1cvelist1cnvd1