nessus
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
TENABLE_OT_SIEMENS_CVE-2022-36363.NASL
History: Sep 21, 2023 - 12:00 a.m.

Siemens LOGO! 8 BM Devices Improper Validation of Specified Index, Position, or Offset in Input (CVE-2022-36363)

www.tenable.com
siemens logo! 8
improper validation
memory retrieval
tcp offset
cve-2022-36363
industrial security

CVSS3: 5.3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: NONE
Availability Impact: NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score: 5.7
Confidence: High

EPSS: 0.001
Percentile: 34.2%

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions). Affected devices do not properly validate an offset value which can be defined in TCP packets when calling a method. This could allow an attacker to retrieve parts of the content of the memory.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(501667);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/04");

  script_cve_id("CVE-2022-36363");
  script_xref(name:"ICSA", value:"22-286-13");

  script_name(english:"Siemens LOGO! 8 BM Devices Improper Validation of Specified Index, Position, or Offset in Input (CVE-2022-36363)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS
variants) (All versions). Affected devices do not properly validate an
offset value which can be defined in TCP packets when calling a
method. This could allow an attacker to retrieve parts of the content
of the memory.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-955858.pdf");
  script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-22-286-13");
  script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.

Siemens is preparing updates and recommends specific countermeasures for products where updates are not yet available:

- Only for versions prior to V8.3: Restrict access to port 10005/TCP to only trusted IP addresses.
- Only for versions including and since V8.3: Restrict access to port 8443/TCP to only trusted IP addresses.
- Restrict access to port 135/TCP to trusted IP addresses only.

As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate
mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the
environment according to Siemens' operational guidelines for industrial security and following the recommendations in
the product manuals.

Siemens has provided additional information on industrial security. 

For more information, see the associated Siemens Security Advisory SSA-955858 in HTML or CSAF formats.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-36363");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(20);

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/10/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/10/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/09/21");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:logo%218_bm_fs-05_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:logo%21_8_bm_firmware");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Siemens");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Siemens');

var asset = tenable_ot::assets::get(vendor:'Siemens');

var vuln_cpes = {
    "cpe:/o:siemens:logo%21_8_bm_firmware" :
        {"family" : "LOGO!BM"},
    "cpe:/o:siemens:logo%218_bm_fs-05_firmware" :
        {"family" : "LOGO!BM"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
