Feb 09, 2021 - 5:15 p.m.

CVE-2020-15798

2021-02-09 17:15:13
CWE-306
web.nvd.nist.gov
vulnerability
simatic
hmi comfort panels
ktp mobile panels
sinamics
telnet
authentication
remote attacker
access

CVSS2: 9.3 High

Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3: 9.8 High

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 9.5 High (Confidence: High)

EPSS: 0.013 Low (Percentile: 86.0%)

A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V16 Update 3a), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 3a), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). Affected devices with enabled telnet service do not require authentication for this service. This could allow a remote attacker to gain full access to the device. (ZDI-CAN-12046)

Affected configurations

NVD
Node
siemens simatic_hmi_comfort_panels Match -
AND
siemens simatic_hmi_comfort_panels_firmware Range <16.0
OR
siemens simatic_hmi_comfort_panels_firmware Match 16.0 -
OR
siemens simatic_hmi_comfort_panels_firmware Match 16.0 update1
OR
siemens simatic_hmi_comfort_panels_firmware Match 16.0 update2
OR
siemens simatic_hmi_comfort_panels_firmware Match 16.0 update3
Node
siemens simatic_hmi_ktp_mobile_panels Match -
AND
siemens simatic_hmi_ktp_mobile_panels_firmware Range <16.0
OR
siemens simatic_hmi_ktp_mobile_panels_firmware Match 16.0 -
OR
siemens simatic_hmi_ktp_mobile_panels_firmware Match 16.0 update1
OR
siemens simatic_hmi_ktp_mobile_panels_firmware Match 16.0 update2
OR
siemens simatic_hmi_ktp_mobile_panels_firmware Match 16.0 update3
Node
siemens sinamics_gh150 Match -
AND
siemens sinamics_gh150_firmware Match -
Node
siemens sinamics_gl150 Match -
AND
siemens sinamics_gl150_firmware Match -
Node
siemens sinamics_gm150_firmware Match -
AND
siemens sinamics_gm150 Match -
Node
siemens sinamics_sh150 Match -
AND
siemens sinamics_sh150_firmware Match -
Node
siemens sinamics_sl150 Match -
AND
siemens sinamics_sl150_firmware Match -
Node
siemens sinamics_sm150 Match -
AND
siemens sinamics_sm150_firmware Match -
Node
siemens sinamics_sm120 Match -
AND
siemens sinamics_sm120_firmware Match -
Node
siemens sinamics_sm150i_firmware Match -
AND
siemens sinamics_sm150i Match -

CNA Affected

[
  {
    "product": "SIMATIC HMI Comfort Panels (incl. SIPLUS variants)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V16 Update 3a"
      }
    ]
  },
  {
    "product": "SIMATIC HMI KTP Mobile Panels",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V16 Update 3a"
      }
    ]
  },
  {
    "product": "SINAMICS GH150",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SINAMICS GL150 (with option X30)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SINAMICS GM150 (with option X30)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SINAMICS SH150",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SINAMICS SL150",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SINAMICS SM120",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SINAMICS SM150",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SINAMICS SM150i",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  }
]
