Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveSiemensCVE-2024-37994
HistorySep 10, 2024 - 10:15 a.m.

CVE-2024-37994

2024-09-1010:15:11
CWE-912
siemens
web.nvd.nist.gov
23
simatic reader rf series
configuration item
debug functionality
information disclosure

CVSS3

7.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

CVSS4

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/SC:N/VI:L/SI:N/VA:N/SA:N

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

18.4%

JSON

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected application contains a hidden configuration item to enable debug functionality. This could allow an attacker to gain insight into the internal configuration of the deployment.

Affected configurations

Nvd
Node
siemenssimatic_rf360r_firmwareRange<2.2
AND
siemenssimatic_rf360rMatch-
Node
siemenssimatic_rf1170r_firmwareRange<1.1
AND
siemenssimatic_rf1170rMatch-
Node
siemenssimatic_rf1140r_firmwareRange<1.1
AND
siemenssimatic_rf1140rMatch-
Node
siemenssimatic_reader_rf685r_fcc_firmwareRange<4.2
AND
siemenssimatic_reader_rf685r_fccMatch-
Node
siemenssimatic_reader_rf685r_etsi_firmwareRange<4.2
AND
siemenssimatic_reader_rf685r_etsiMatch-
Node
siemenssimatic_reader_rf685r_cmiit_firmwareRange<4.2
AND
siemenssimatic_reader_rf685r_cmiitMatch-
Node
siemenssimatic_reader_rf685r_arib_firmwareRange<4.2
AND
siemenssimatic_reader_rf685r_aribMatch-
Node
siemenssimatic_reader_rf680r_fcc_firmwareRange<4.2
AND
siemenssimatic_reader_rf680r_fccMatch-
Node
siemenssimatic_reader_rf680r_etsi_firmwareRange<4.2
AND
siemenssimatic_reader_rf680r_etsiMatch-
Node
siemenssimatic_reader_rf680r_cmiit_firmwareRange<4.2
AND
siemenssimatic_reader_rf680r_cmiitMatch-
Node
siemenssimatic_reader_rf680r_arib_firmwareRange<4.2
AND
siemenssimatic_reader_rf680r_aribMatch-
Node
siemenssimatic_reader_rf650r_fcc_firmwareRange<4.2
AND
siemenssimatic_reader_rf650r_fccMatch-
Node
siemenssimatic_reader_rf650r_etsi_firmwareRange<4.2
AND
siemenssimatic_reader_rf650r_etsiMatch-
Node
siemenssimatic_reader_rf650r_cmiit_firmwareRange<4.2
AND
siemenssimatic_reader_rf650r_cmiitMatch-
Node
siemenssimatic_reader_rf650r_arib_firmwareRange<4.2
AND
siemenssimatic_reader_rf650r_aribMatch-
Node
siemenssimatic_reader_rf615r_fcc_firmwareRange<4.2
AND
siemenssimatic_reader_rf615r_fccMatch-
Node
siemenssimatic_reader_rf615r_etsi_firmwareRange<4.2
AND
siemenssimatic_reader_rf615r_etsiMatch-
Node
siemenssimatic_reader_rf615r_cmiit_firmwareRange<4.2
AND
siemenssimatic_reader_rf615r_cmiitMatch-
Node
siemenssimatic_reader_rf610r_fcc_firmwareRange<4.2
AND
siemenssimatic_reader_rf610r_fccMatch-
Node
siemenssimatic_reader_rf610r_etsi_firmwareRange<4.2
AND
siemenssimatic_reader_rf610r_etsiMatch-
Node
siemenssimatic_reader_rf610r_cmiit_firmwareRange<4.2
AND
siemenssimatic_reader_rf610r_cmiitMatch-
Node
siemenssimatic_rf188ci_firmwareRange<2.2
AND
siemenssimatic_rf188ciMatch-
Node
siemenssimatic_rf188c_firmwareRange<2.2
AND
siemenssimatic_rf188cMatch-
Node
siemenssimatic_rf186ci_firmwareRange<2.2
AND
siemenssimatic_rf186ciMatch-
Node
siemenssimatic_rf186c_firmwareRange<2.2
AND
siemenssimatic_rf186cMatch-
Node
siemenssimatic_rf185c_firmwareRange<2.2
AND
siemenssimatic_rf185cMatch-
Node
siemenssimatic_rf166c_firmwareRange<2.2
AND
siemenssimatic_rf166cMatch-
VendorProductVersionCPE
siemenssimatic_rf360r_firmware*cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*
siemenssimatic_rf360r-cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*
siemenssimatic_rf1170r_firmware*cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*
siemenssimatic_rf1170r-cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*
siemenssimatic_rf1140r_firmware*cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*
siemenssimatic_rf1140r-cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*
siemenssimatic_reader_rf685r_fcc_firmware*cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*
siemenssimatic_reader_rf685r_fcc-cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*
siemenssimatic_reader_rf685r_etsi_firmware*cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*
siemenssimatic_reader_rf685r_etsi-cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 541

CNA Affected

[
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF610R CMIIT",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF610R ETSI",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF610R FCC",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF615R CMIIT",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF615R ETSI",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF615R FCC",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF650R ARIB",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF650R CMIIT",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF650R ETSI",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF650R FCC",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF680R ARIB",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF680R CMIIT",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF680R ETSI",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF680R FCC",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF685R ARIB",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF685R CMIIT",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF685R ETSI",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC Reader RF685R FCC",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V4.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RF1140R",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V1.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RF1170R",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V1.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RF166C",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RF185C",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RF186C",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RF186CI",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RF188C",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RF188CI",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC RF360R",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.2",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Related

cvelist 1
nvd 1
vulnrichment 1
ics 1
cvelist
cvelist
CVE-2024-37994
2024-09-10 09:36:40
nvd
nvd
CVE-2024-37994
2024-09-10 10:15:11
vulnrichment
vulnrichment
CVE-2024-37994
2024-09-10 09:36:40
ics
ics
Siemens SIMATIC RFID Readers
2024-09-12 12:00:00

CVSS3

7.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

CVSS4

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/SC:N/VI:L/SI:N/VA:N/SA:N

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

18.4%

JSON
Related for CVE-2024-37994
cvelist1nvd1vulnrichment1ics1