Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveSiemensCVE-2024-37991
HistorySep 10, 2024 - 10:15 a.m.

CVE-2024-37991

2024-09-1010:15:10
CWE-200
CWE-306
siemens
web.nvd.nist.gov
24
simatic readers
vulnerability
service log files
unauthenticated access

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CVSS4

6

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

PASSIVE

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/SC:N/VI:N/SI:N/VA:N/SA:N

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

32.8%

JSON

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The service log files of the affected application can be accessed without proper authentication. This could allow an unauthenticated attacker to get access to sensitive information.

Affected configurations

Nvd
Node
siemenssimatic_rf360r_firmwareRange<2.2
AND
siemenssimatic_rf360rMatch-
Node
siemenssimatic_rf1170r_firmwareRange<1.1
AND
siemenssimatic_rf1170rMatch-
Node
siemenssimatic_rf1140r_firmwareRange<1.1
AND
siemenssimatic_rf1140rMatch-
Node
siemenssimatic_reader_rf685r_fcc_firmwareRange<4.2
AND
siemenssimatic_reader_rf685r_fccMatch-
Node
siemenssimatic_reader_rf685r_etsi_firmwareRange<4.2
AND
siemenssimatic_reader_rf685r_etsiMatch-
Node
siemenssimatic_reader_rf685r_cmiit_firmwareRange<4.2
AND
siemenssimatic_reader_rf685r_cmiitMatch-
Node
siemenssimatic_reader_rf685r_arib_firmwareRange<4.2
AND
siemenssimatic_reader_rf685r_aribMatch-
Node
siemenssimatic_reader_rf680r_fcc_firmwareRange<4.2
AND
siemenssimatic_reader_rf680r_fccMatch-
Node
siemenssimatic_reader_rf680r_etsi_firmwareRange<4.2
AND
siemenssimatic_reader_rf680r_etsiMatch-
Node
siemenssimatic_reader_rf680r_cmiit_firmwareRange<4.2
AND
siemenssimatic_reader_rf680r_cmiitMatch-
Node
siemenssimatic_reader_rf680r_arib_firmwareRange<4.2
AND
siemenssimatic_reader_rf680r_aribMatch-
Node
siemenssimatic_reader_rf650r_fcc_firmwareRange<4.2
AND
siemenssimatic_reader_rf650r_fccMatch-
Node
siemenssimatic_reader_rf650r_etsi_firmwareRange<4.2
AND
siemenssimatic_reader_rf650r_etsiMatch-
Node
siemenssimatic_reader_rf650r_cmiit_firmwareRange<4.2
AND
siemenssimatic_reader_rf650r_cmiitMatch-
Node
siemenssimatic_reader_rf650r_arib_firmwareRange<4.2
AND
siemenssimatic_reader_rf650r_aribMatch-
Node
siemenssimatic_reader_rf615r_fcc_firmwareRange<4.2
AND
siemenssimatic_reader_rf615r_fccMatch-
Node
siemenssimatic_reader_rf615r_etsi_firmwareRange<4.2
AND
siemenssimatic_reader_rf615r_etsiMatch-
Node
siemenssimatic_reader_rf615r_cmiit_firmwareRange<4.2
AND
siemenssimatic_reader_rf615r_cmiitMatch-
Node
siemenssimatic_reader_rf610r_fcc_firmwareRange<4.2
AND
siemenssimatic_reader_rf610r_fccMatch-
Node
siemenssimatic_reader_rf610r_etsi_firmwareRange<4.2
AND
siemenssimatic_reader_rf610r_etsiMatch-
Node
siemenssimatic_reader_rf610r_cmiit_firmwareRange<4.2
AND
siemenssimatic_reader_rf610r_cmiitMatch-
Node
siemenssimatic_rf188ci_firmwareRange<2.2
AND
siemenssimatic_rf188ciMatch-
Node
siemenssimatic_rf188c_firmwareRange<2.2
AND
siemenssimatic_rf188cMatch-
Node
siemenssimatic_rf186ci_firmwareRange<2.2
AND
siemenssimatic_rf186ciMatch-
Node
siemenssimatic_rf186c_firmwareRange<2.2
AND
siemenssimatic_rf186cMatch-
Node
siemenssimatic_rf185c_firmwareRange<2.2
AND
siemenssimatic_rf185cMatch-
Node
siemenssimatic_rf166c_firmwareRange<2.2
AND
siemenssimatic_rf166cMatch-
VendorProductVersionCPE
siemenssimatic_rf360r_firmware*cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*
siemenssimatic_rf360r-cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*
siemenssimatic_rf1170r_firmware*cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*
siemenssimatic_rf1170r-cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*
siemenssimatic_rf1140r_firmware*cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*
siemenssimatic_rf1140r-cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*
siemenssimatic_reader_rf685r_fcc_firmware*cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*
siemenssimatic_reader_rf685r_fcc-cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*
siemenssimatic_reader_rf685r_etsi_firmware*cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*
siemenssimatic_reader_rf685r_etsi-cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 541

CNA Affected

[
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF610R CMIIT",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF610R ETSI",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF610R FCC",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF615R CMIIT",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF615R ETSI",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF615R FCC",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF650R ARIB",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF650R CMIIT",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF650R ETSI",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF650R FCC",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF680R ARIB",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF680R CMIIT",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF680R ETSI",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF680R FCC",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF685R ARIB",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF685R CMIIT",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF685R ETSI",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF685R FCC",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RF1140R",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V1.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RF1170R",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V1.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RF166C",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RF185C",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RF186C",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RF186CI",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RF188C",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RF188CI",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RF360R",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Related

cvelist 1
nvd 1
vulnrichment 1
ics 1
cvelist
cvelist
CVE-2024-37991
2024-09-10 09:36:35
nvd
nvd
CVE-2024-37991
2024-09-10 10:15:10
vulnrichment
vulnrichment
CVE-2024-37991
2024-09-10 09:36:35
ics
ics
Siemens SIMATIC RFID Readers
2024-09-12 12:00:00

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CVSS4

6

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

PASSIVE

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/SC:N/VI:N/SI:N/VA:N/SA:N

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

32.8%

JSON
Related for CVE-2024-37991
cvelist1nvd1vulnrichment1ics1