Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_SIEMENS_CVE-2016-2846.NASL
HistoryFeb 07, 2022 - 12:00 a.m.

Siemens SIMATIC S7-1200 Improper Privilege Management (CVE-2016-2846)

2022-02-0700:00:00
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
siemens
simatic s7-1200
vulnerability
improper privilege management
bypass user program
asset
remote
protection mechanism

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

AI Score

6.5

Confidence

High

EPSS

0.003

Percentile

68.1%

JSON

Siemens SIMATIC S7-1200 CPU devices before 4.0 allow remote attackers to bypass a user program block protection mechanism via unspecified vectors.

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(500238);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/04");

  script_cve_id("CVE-2016-2846");
  script_xref(name:"ICSA", value:"16-075-01");

  script_name(english:"Siemens SIMATIC S7-1200 Improper Privilege Management (CVE-2016-2846)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"Siemens SIMATIC S7-1200 CPU devices before 4.0 allow remote attackers to bypass a user program block protection
mechanism via unspecified vectors.  

This plugin only works with Tenable.ot. Please visit
https://www.tenable.com/products/tenable-ot for more information.");
  # http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-833048.pdf
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c50c0565");
  script_set_attribute(attribute:"see_also", value:"https://ics-cert.us-cert.gov/advisories/ICSA-16-075-01");
  script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-833048.pdf");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-2846");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(254);

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/03/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/03/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/07");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7_cpu_1200_firmware");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Siemens");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Siemens');

var asset = tenable_ot::assets::get(vendor:'Siemens');

var vuln_cpes = {
    "cpe:/o:siemens:simatic_s7_cpu_1200_firmware" :
        {"versionEndIncluding" : "3.0.2", "family" : "S71200"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);

Related

cve 1
cvelist 1
nessus 1
threatpost 1
nvd 1
prion 1
ics 1
cve
cve
CVE-2016-2846
2016-03-16 10:59:04
cvelist
cvelist
CVE-2016-2846
2016-03-16 10:00:00
nessus
nessus
Siemens Simatic Unspecified Vulnerability
2019-11-08 00:00:00
threatpost
threatpost
PLC Blaster Worm Targets Industrial Control PLCs
2016-08-05 16:49:27
nvd
nvd
CVE-2016-2846
2016-03-16 10:59:04
prion
prion
Design/Logic Flaw
2016-03-16 10:59:00
ics
ics
Siemens SIMATIC S7-1200 CPU Protection Mechanism Failure
2018-08-23 12:00:00

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

AI Score

6.5

Confidence

High

EPSS

0.003

Percentile

68.1%

JSON
Related for TENABLE_OT_SIEMENS_CVE-2016-2846.NASL
cve1cvelist1nessus1threatpost1nvd1prion1ics1