Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_SIEMENS_CVE-2023-37195.NASLHistoryFeb 20, 2024 - 12:00 a.m.
Siemens SIMATIC CP Products Uncontrolled Resource Consumption (CVE-2023-37195)
2024-02-2000:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
siemens simatic cp
uncontrolled resource consumption
cve-2023-37195
vulnerability
local attackers
denial of service
physical power cycle
CVSS3
4.4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
5.1%
A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions).
Affected devices insufficiently control continuous mapping of direct memory access (DMA) requests. This could allow local attackers with administrative privileges to cause a denial of service situation on the host. A physical power cycle is required to get the system working again.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(501998);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/21");
script_cve_id("CVE-2023-37195");
script_name(english:"Siemens SIMATIC CP Products Uncontrolled Resource Consumption (CVE-2023-37195)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"A vulnerability has been identified in SIMATIC CP 1604 (All versions),
SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions),
SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions).
Affected devices insufficiently control continuous mapping of direct
memory access (DMA) requests. This could allow local attackers with
administrative privileges to cause a denial of service situation on
the host. A physical power cycle is required to get the system working
again.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-784849.pdf");
script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:M/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-37195");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(400);
script_set_attribute(attribute:"vuln_publication_date", value:"2023/10/10");
script_set_attribute(attribute:"patch_publication_date", value:"2023/10/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/02/20");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_cp_1604_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_cp_1616_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_cp_1623_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_cp_1626_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_cp_1628_firmware:-");
script_set_attribute(attribute:"generated_plugin", value:"former");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/Siemens");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/Siemens');
var asset = tenable_ot::assets::get(vendor:'Siemens');
var vuln_cpes = {
"cpe:/o:siemens:simatic_cp_1604_firmware:-" :
{"family" : "NETCP1600", "orderNumbers" : ["6GK1160-4AA01"]},
"cpe:/o:siemens:simatic_cp_1616_firmware:-" :
{"family" : "NETCP1600", "orderNumbers" : ["6GK1161-6AA02"]},
"cpe:/o:siemens:simatic_cp_1623_firmware:-" :
{"family" : "NETCP1600", "orderNumbers" : ["6GK1162-3AA00"]},
"cpe:/o:siemens:simatic_cp_1626_firmware:-" :
{"family" : "NETCP1600", "orderNumbers" : ["6GK1162-6AA01"]},
"cpe:/o:siemens:simatic_cp_1628_firmware:-" :
{"family" : "NETCP1600", "orderNumbers" : ["6GK1162-8AA00"]}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
Related
cvelist
cvelist
CVE-2023-37195
2023-10-10 10:21:24
cve
cve
CVE-2023-37195
2023-10-10 11:15:11
vulnrichment
vulnrichment
CVE-2023-37195
2023-10-10 10:21:24
prion
prion
Design/Logic Flaw
2023-10-10 11:15:00
cnvd
cnvd
Siemens SIMATIC CP Device Uncontrolled Resource Consumption Vulnerability
2023-10-11 00:00:00
nvd
nvd
CVE-2023-37195
2023-10-10 11:15:11
ics
ics
Siemens SIMATIC CP products
2023-10-12 12:00:00
CVSS3
4.4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
5.1%
Related for TENABLE_OT_SIEMENS_CVE-2023-37195.NASL