Lucene search

China National Vulnerability DatabaseCNVD-2023-97258

HistoryDec 13, 2023 - 12:00 a.m.

Siemens SCALANCE M-800/S615 Series OS Command Injection Vulnerability

2023-12-1300:00:00

China National Vulnerability Database

www.cnvd.org.cn

siemens

scalance m-800

s615 series

os command injection

vulnerability

industrial routers

exploited

cnvd

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:M/C:P/I:P/A:P

JSON

The SCALANCE M-800, MUM-800 and S615 and the RUGGEDCOM RM1224 are industrial routers. An operating system command injection vulnerability exists in the Siemens SCALANCE M-800/S615 series, which can be exploited by an attacker to execute commands on the system.

CPENameOperatorVersion
siemens ruggedcom rm1224 lte(4g) eu (6gk6108-4am00-2ba2) < veq8.0
siemens ruggedcom rm1224 lte(4g) nam (6gk6108-4am00-2da2) < veq8.0
siemens scalance m804pb (6gk5804-0ap00-2aa2) < veq8.0
siemens scalance m812-1 adsl-router (annex a) (6gk5812-1aa00-2aa2) < veq8.0
siemens scalance m812-1 adsl-router (annex b) (6gk5812-1ba00-2aa2) < veq8.0
siemens scalance m816-1 adsl-router (annex a) (6gk5816-1aa00-2aa2) < veq8.0
siemens scalance m816-1 adsl-router (annex b) (6gk5816-1ba00-2aa2) < veq8.0
siemens scalance m826-2 shdsl-router (6gk5826-2ab00-2ab2) < veq8.0
siemens scalance m874-2 (6gk5874-2aa00-2aa2) < veq8.0
siemens scalance m874-3 (6gk5874-3aa00-2aa2) < veq8.0

Name	Operator	Version
siemens ruggedcom rm1224 lte(4g) eu (6gk6108-4am00-2ba2) < v	eq	8.0
siemens ruggedcom rm1224 lte(4g) nam (6gk6108-4am00-2da2) < v	eq	8.0
siemens scalance m804pb (6gk5804-0ap00-2aa2) < v	eq	8.0
siemens scalance m812-1 adsl-router (annex a) (6gk5812-1aa00-2aa2) < v	eq	8.0
siemens scalance m812-1 adsl-router (annex b) (6gk5812-1ba00-2aa2) < v	eq	8.0
siemens scalance m816-1 adsl-router (annex a) (6gk5816-1aa00-2aa2) < v	eq	8.0
siemens scalance m816-1 adsl-router (annex b) (6gk5816-1ba00-2aa2) < v	eq	8.0
siemens scalance m826-2 shdsl-router (6gk5826-2ab00-2ab2) < v	eq	8.0
siemens scalance m874-2 (6gk5874-2aa00-2aa2) < v	eq	8.0
siemens scalance m874-3 (6gk5874-3aa00-2aa2) < v	eq	8.0

Rows per page:

1-10 of 201

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:M/C:P/I:P/A:P

JSON

Related for CNVD-2023-97258