Lucene search

SiemensCVE-2021-37186

HistorySep 14, 2021 - 11:15 a.m.

CVE-2021-37186

2021-09-1411:15:25

CWE-330

siemens

web.nvd.nist.gov

cve-2021-37186

logo! cmr2020

logo! cmr2040

simatic rtu3010c

simatic rtu3030c

simatic rtu3031c

simatic rtu3041c

tcp/ip stack vulnerability

isn

network security

information security

CVSS2

4.8

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:P/A:N

CVSS3

5.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

25.0%

JSON

A vulnerability has been identified in LOGO! CMR2020 (All versions < V2.2), LOGO! CMR2040 (All versions < V2.2), SIMATIC RTU3010C (All versions < V4.0.9), SIMATIC RTU3030C (All versions < V4.0.9), SIMATIC RTU3031C (All versions < V4.0.9), SIMATIC RTU3041C (All versions < V4.0.9). The underlying TCP/IP stack does not properly calculate the random numbers used as ISN (Initial Sequence Numbers). An adjacent attacker with network access to the LAN interface could interfere with traffic, spoof the connection and gain access to sensitive information.

Affected configurations

Nvd

Node

siemenslogo\!_cmr2020_firmwareRange<2.2

AND

siemenslogo\!_cmr2020Match-

Node

siemenslogo\!_cmr2040_firmwareRange<2.2

AND

siemenslogo\!_cmr2040Match-

Node

siemenssimatic_rtu3010c_firmwareRange<4.0.9

AND

siemenssimatic_rtu3010c

Node

siemenssimatic_rtu3030c_firmwareRange<4.0.9

AND

siemenssimatic_rtu3030c

Node

siemenssimatic_rtu3031c_firmwareRange<4.0.9

AND

siemenssimatic_rtu3031c

Node

siemenssimatic_rtu3041c_firmwareRange<4.0.9

AND

siemenssimatic_rtu3041c

VendorProductVersionCPE
siemenslogo\!_cmr2020_firmware*cpe:2.3:o:siemens:logo\!_cmr2020_firmware:*:*:*:*:*:*:*:*
siemenslogo\!_cmr2020-cpe:2.3:h:siemens:logo\!_cmr2020:-:*:*:*:*:*:*:*
siemenslogo\!_cmr2040_firmware*cpe:2.3:o:siemens:logo\!_cmr2040_firmware:*:*:*:*:*:*:*:*
siemenslogo\!_cmr2040-cpe:2.3:h:siemens:logo\!_cmr2040:-:*:*:*:*:*:*:*
siemenssimatic_rtu3010c_firmware*cpe:2.3:o:siemens:simatic_rtu3010c_firmware:*:*:*:*:*:*:*:*
siemenssimatic_rtu3010c*cpe:2.3:h:siemens:simatic_rtu3010c:*:*:*:*:*:*:*:*
siemenssimatic_rtu3030c_firmware*cpe:2.3:o:siemens:simatic_rtu3030c_firmware:*:*:*:*:*:*:*:*
siemenssimatic_rtu3030c*cpe:2.3:h:siemens:simatic_rtu3030c:*:*:*:*:*:*:*:*
siemenssimatic_rtu3031c_firmware*cpe:2.3:o:siemens:simatic_rtu3031c_firmware:*:*:*:*:*:*:*:*
siemenssimatic_rtu3031c*cpe:2.3:h:siemens:simatic_rtu3031c:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
siemens	logo\!_cmr2020_firmware	*	cpe:2.3:o:siemens:logo\!_cmr2020_firmware::::::::
siemens	logo\!_cmr2020	-	cpe:2.3:h:siemens:logo\!_cmr2020:-:::::::*
siemens	logo\!_cmr2040_firmware	*	cpe:2.3:o:siemens:logo\!_cmr2040_firmware::::::::
siemens	logo\!_cmr2040	-	cpe:2.3:h:siemens:logo\!_cmr2040:-:::::::*
siemens	simatic_rtu3010c_firmware	*	cpe:2.3:o:siemens:simatic_rtu3010c_firmware::::::::
siemens	simatic_rtu3010c	*	cpe:2.3:h:siemens:simatic_rtu3010c::::::::
siemens	simatic_rtu3030c_firmware	*	cpe:2.3:o:siemens:simatic_rtu3030c_firmware::::::::
siemens	simatic_rtu3030c	*	cpe:2.3:h:siemens:simatic_rtu3030c::::::::
siemens	simatic_rtu3031c_firmware	*	cpe:2.3:o:siemens:simatic_rtu3031c_firmware::::::::
siemens	simatic_rtu3031c	*	cpe:2.3:h:siemens:simatic_rtu3031c::::::::

Rows per page:

1-10 of 121

CNA Affected

[
  {
    "product": "LOGO! CMR2020",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V2.2"
      }
    ]
  },
  {
    "product": "LOGO! CMR2040",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V2.2"
      }
    ]
  },
  {
    "product": "SIMATIC RTU3010C",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.0.9"
      }
    ]
  },
  {
    "product": "SIMATIC RTU3030C",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.0.9"
      }
    ]
  },
  {
    "product": "SIMATIC RTU3031C",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.0.9"
      }
    ]
  },
  {
    "product": "SIMATIC RTU3041C",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V4.0.9"
      }
    ]
  }
]

References

cert-portal.siemens.com/productcert/pdf/ssa-316383.pdf

CVSS2

4.8

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:P/A:N

CVSS3

5.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

25.0%

JSON

Related for CVE-2021-37186