Lucene search

[email protected]CVE-2021-40358

HistoryNov 09, 2021 - 12:15 p.m.

CVE-2021-40358

2021-11-0912:15:09

CWE-22

[email protected]

web.nvd.nist.gov

cve-2021-40358

simatic pcs 7

wincc

path traversal

remote attack

critical files

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.9 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.9%

JSON

A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). Legitimate file operations on the web server of the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read, write or delete unexpected critical files.

Affected configurations

NVD

Node

siemenssimatic_pcs_7Match8.2

siemenssimatic_pcs_7Match9.0-

siemenssimatic_pcs_7Match9.1-

siemenssimatic_winccMatch7.4

siemenssimatic_winccMatch7.4-

siemenssimatic_winccMatch7.4sp1

siemenssimatic_winccMatch7.4sp1_update1

siemenssimatic_winccMatch7.4sp1_update10

siemenssimatic_winccMatch7.4sp1_update11

siemenssimatic_winccMatch7.4sp1_update12

siemenssimatic_winccMatch7.4sp1_update13

siemenssimatic_winccMatch7.4sp1_update14

siemenssimatic_winccMatch7.4sp1_update15

siemenssimatic_winccMatch7.4sp1_update16

siemenssimatic_winccMatch7.4sp1_update17

siemenssimatic_winccMatch7.4sp1_update18

siemenssimatic_winccMatch7.4sp1_update2

siemenssimatic_winccMatch7.4sp1_update3

siemenssimatic_winccMatch7.4sp1_update4

siemenssimatic_winccMatch7.4sp1_update5

siemenssimatic_winccMatch7.4sp1_update6

siemenssimatic_winccMatch7.4sp1_update7

siemenssimatic_winccMatch7.4sp1_update8

siemenssimatic_winccMatch7.4sp1_update9

siemenssimatic_winccMatch7.4update_1

siemenssimatic_winccMatch7.5-

siemenssimatic_winccMatch7.5sp1

siemenssimatic_winccMatch7.5sp1_update1

siemenssimatic_winccMatch7.5sp1_update2

siemenssimatic_winccMatch7.5sp2

siemenssimatic_winccMatch7.5sp2_update1

siemenssimatic_winccMatch7.5sp2_update2

siemenssimatic_winccMatch7.5sp2_update3

siemenssimatic_winccMatch7.5sp2_update4

siemenssimatic_winccMatch15

siemenssimatic_winccMatch15.1-

siemenssimatic_winccMatch15.1update_1

siemenssimatic_winccMatch15.1update_2

siemenssimatic_winccMatch15.1update_3

siemenssimatic_winccMatch15.1update_4

siemenssimatic_winccMatch15.1update_5

siemenssimatic_winccMatch15.1update_6

siemenssimatic_winccMatch16update1

siemenssimatic_winccMatch16update2

siemenssimatic_winccMatch16update3

siemenssimatic_winccMatch16update4

siemenssimatic_winccMatch17

siemenssimatic_winccMatch17update1

CPENameOperatorVersion
siemens:simatic_pcs_7siemens simatic pcs 7eq8.2
siemens:simatic_pcs_7siemens simatic pcs 7eq9.0
siemens:simatic_pcs_7siemens simatic pcs 7eq9.1
siemens:simatic_winccsiemens simatic wincceq7.4
siemens:simatic_winccsiemens simatic wincceq7.5
siemens:simatic_winccsiemens simatic wincceq15
siemens:simatic_winccsiemens simatic wincceq15.1
siemens:simatic_winccsiemens simatic wincceq16
siemens:simatic_winccsiemens simatic wincceq17

CPE	Name	Operator	Version
siemens:simatic_pcs_7	siemens simatic pcs 7	eq	8.2
siemens:simatic_pcs_7	siemens simatic pcs 7	eq	9.0
siemens:simatic_pcs_7	siemens simatic pcs 7	eq	9.1
siemens:simatic_wincc	siemens simatic wincc	eq	7.4
siemens:simatic_wincc	siemens simatic wincc	eq	7.5
siemens:simatic_wincc	siemens simatic wincc	eq	15
siemens:simatic_wincc	siemens simatic wincc	eq	15.1
siemens:simatic_wincc	siemens simatic wincc	eq	16
siemens:simatic_wincc	siemens simatic wincc	eq	17

CNA Affected

[
  {
    "vendor": "Siemens",
    "product": "SIMATIC PCS 7 V8.2",
    "versions": [
      {
        "version": "All versions",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC PCS 7 V9.0",
    "versions": [
      {
        "version": "All versions < V9.0 SP3 UC04",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC PCS 7 V9.1",
    "versions": [
      {
        "version": "All versions < V9.1 SP1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC WinCC V15 and earlier",
    "versions": [
      {
        "version": "All versions < V15 SP1 Update 7",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC WinCC V16",
    "versions": [
      {
        "version": "All versions < V16 Update 5",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC WinCC V17",
    "versions": [
      {
        "version": "All versions < V17 Update 2",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC WinCC V7.4",
    "versions": [
      {
        "version": "All versions < V7.4 SP1 Update 19",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SIMATIC WinCC V7.5",
    "versions": [
      {
        "version": "All versions < V7.5 SP2 Update 5",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf

Social References

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.9 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.9%

JSON

Related for CVE-2021-40358

cnvd1 nvd1 cvelist1 prion1 ics1