Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_SIEMENS_CVE-2022-34819.NASL
HistoryJul 21, 2022 - 12:00 a.m.

Siemens (CVE-2022-34819) (deprecated)

2022-07-2100:00:00
This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
52

0.002 Low

EPSS

Percentile

61.1%

JSON

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions). The application lacks proper validation of user-supplied data when parsing specific messages. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of device.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

##
# (C) Tenable, Inc.
#
# @DEPRECATED@
#
# Disabled on 2022-07-27.
##

include('compat.inc');

if (description)
{
  script_id(500683);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/07/27");

  script_cve_id("CVE-2022-34819");

  script_name(english:"Siemens (CVE-2022-34819) (deprecated)");

  script_set_attribute(attribute:"synopsis", value:
"This plugin has been deprecated.");
  script_set_attribute(attribute:"description", value:
"A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All
versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU
(All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP
1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions >=
V2.0), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1
(All versions >= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All
versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >=
V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >=
V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1
(All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions),
SIPLUS S7-1200 CP 1243-1 RAIL (All versions). The application lacks
proper validation of user-supplied data when parsing specific
messages. This could result in a heap-based buffer overflow. An
attacker could leverage this vulnerability to execute code in the
context of device.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf");
  script_set_attribute(attribute:"solution", value:
"n/a");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-34819");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_cwe_id(787);

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/07/12");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/07/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/07/21");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_et_200sp_cp_1543sp-1_isec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1200_cp_1243-1_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1200_cp_1243-1_rail_firmware");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Siemens");

  exit(0);
}

exit(0, "This plugin has been deprecated.");
VendorProductVersionCPE
siemenssiplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmwarecpe:/o:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware
siemenssiplus_et_200sp_cp_1543sp-1_isec_firmwarecpe:/o:siemens:siplus_et_200sp_cp_1543sp-1_isec_firmware
siemenssiplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmwarecpe:/o:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware
siemenssiplus_s7-1200_cp_1243-1_firmwarecpe:/o:siemens:siplus_s7-1200_cp_1243-1_firmware
siemenssiplus_s7-1200_cp_1243-1_rail_firmwarecpe:/o:siemens:siplus_s7-1200_cp_1243-1_rail_firmware

Related

cve 1
prion 1
cvelist 1
nvd 1
ics 1
cve
cve
CVE-2022-34819
2022-07-12 10:15:12
prion
prion
Heap overflow
2022-07-12 10:15:00
cvelist
cvelist
CVE-2022-34819
2022-07-12 10:07:27
nvd
nvd
CVE-2022-34819
2022-07-12 10:15:12
ics
ics
Siemens SRCS VPN Feature in SIMATIC CP Devices (Update A)
2022-08-11 12:00:00

0.002 Low

EPSS

Percentile

61.1%

JSON
Related for TENABLE_OT_SIEMENS_CVE-2022-34819.NASL
cve1prion1cvelist1nvd1ics1