Lucene search

[email protected]CVE-2021-42029

HistoryApr 12, 2022 - 9:15 a.m.

CVE-2021-42029

2022-04-1209:15:13

CWE-284

[email protected]

web.nvd.nist.gov

cve

2021

42029

privilege escalation

simatic step 7

tia portal

access control vulnerability

web server

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 5), SIMATIC STEP 7 (TIA Portal) V17 (All versions < V17 Update 2). An attacker could achieve privilege escalation on the web server of certain devices due to improper access control vulnerability in the engineering system software. The attacker needs to have direct access to the impacted web server.

Affected configurations

NVD

Node

siemenssimatic_step_7Range15–16

siemenssimatic_step_7Match16-

siemenssimatic_step_7Match16update1

siemenssimatic_step_7Match16update2

siemenssimatic_step_7Match16update3

siemenssimatic_step_7Match16update4

siemenssimatic_step_7Match17-

siemenssimatic_step_7Match17update1

AND

siemenssimatic_s7-1200_cpuMatch-

siemenssimatic_s7-1200_cpu_1211cMatch-

siemenssimatic_s7-1200_cpu_1212cMatch-

siemenssimatic_s7-1200_cpu_1212fcMatch-

siemenssimatic_s7-1200_cpu_1214_fcMatch-

siemenssimatic_s7-1200_cpu_1214cMatch-

siemenssimatic_s7-1200_cpu_1214fcMatch-

siemenssimatic_s7-1200_cpu_1215_fcMatch-

siemenssimatic_s7-1200_cpu_1215cMatch-

siemenssimatic_s7-1200_cpu_1215fcMatch-

siemenssimatic_s7-1200_cpu_1217cMatch-

siemenssimatic_s7-1500_cpuMatch-

siemenssimatic_s7-1500_cpu_1507sMatch-

siemenssimatic_s7-1500_cpu_1507s_fMatch-

siemenssimatic_s7-1500_cpu_1508sMatch-

siemenssimatic_s7-1500_cpu_1508s_fMatch-

siemenssimatic_s7-1500_cpu_1510spMatch-

siemenssimatic_s7-1500_cpu_1510sp-1Match-

siemenssimatic_s7-1500_cpu_1511-1Match-

siemenssimatic_s7-1500_cpu_1511-1_pnMatch-

siemenssimatic_s7-1500_cpu_1511cMatch-

siemenssimatic_s7-1500_cpu_1511c-1Match-

siemenssimatic_s7-1500_cpu_1511f-1Match-

siemenssimatic_s7-1500_cpu_1511f-1_pnMatch-

siemenssimatic_s7-1500_cpu_1511t-1Match-

siemenssimatic_s7-1500_cpu_1511tf-1Match-

siemenssimatic_s7-1500_cpu_1512cMatch-

siemenssimatic_s7-1500_cpu_1512c-1Match-

siemenssimatic_s7-1500_cpu_1512sp-1Match-

siemenssimatic_s7-1500_cpu_1512spf-1Match-

siemenssimatic_s7-1500_cpu_1513-1Match-

siemenssimatic_s7-1500_cpu_1513-1_pnMatch-

siemenssimatic_s7-1500_cpu_1513f-1Match-

siemenssimatic_s7-1500_cpu_1513f-1_pnMatch-

siemenssimatic_s7-1500_cpu_1513r-1Match-

siemenssimatic_s7-1500_cpu_1515-2Match-

siemenssimatic_s7-1500_cpu_1515-2_pnMatch-

siemenssimatic_s7-1500_cpu_1515f-2Match-

siemenssimatic_s7-1500_cpu_1515f-2_pnMatch-

siemenssimatic_s7-1500_cpu_1515r-2Match-

siemenssimatic_s7-1500_cpu_1515t-2Match-

siemenssimatic_s7-1500_cpu_1515tf-2Match-

siemenssimatic_s7-1500_cpu_1516-3Match-

siemenssimatic_s7-1500_cpu_1516-3_dpMatch-

siemenssimatic_s7-1500_cpu_1516-3_pnMatch-

siemenssimatic_s7-1500_cpu_1516-3_pn\/dpMatch-

siemenssimatic_s7-1500_cpu_1516f-3Match-

siemenssimatic_s7-1500_cpu_1516f-3_pn\/dpMatch-

siemenssimatic_s7-1500_cpu_1516pro-2Match-

siemenssimatic_s7-1500_cpu_1516pro_fMatch-

siemenssimatic_s7-1500_cpu_1516t-3Match-

siemenssimatic_s7-1500_cpu_1516tf-3Match-

siemenssimatic_s7-1500_cpu_1517-3Match-

siemenssimatic_s7-1500_cpu_1517-3_dpMatch-

siemenssimatic_s7-1500_cpu_1517-3_pnMatch-

siemenssimatic_s7-1500_cpu_1517-3_pn\/dpMatch-

siemenssimatic_s7-1500_cpu_1517f-3Match-

siemenssimatic_s7-1500_cpu_1517f-3_pn\/dpMatch-

siemenssimatic_s7-1500_cpu_1517tf-3Match-

siemenssimatic_s7-1500_cpu_1518Match-

siemenssimatic_s7-1500_cpu_1518-4Match-

siemenssimatic_s7-1500_cpu_1518-4_dpMatch-

siemenssimatic_s7-1500_cpu_1518-4_pnMatch-

siemenssimatic_s7-1500_cpu_1518-4_pn\/dpMatch-

siemenssimatic_s7-1500_cpu_1518-4_pn\/dp_mfpMatch-

siemenssimatic_s7-1500_cpu_1518f-4Match-

siemenssimatic_s7-1500_cpu_1518f-4_pn\/dpMatch-

siemenssimatic_s7-1500_cpu_1518hf-4Match-

siemenssimatic_s7-1500_cpu_1518t-4Match-

siemenssimatic_s7-1500_cpu_1518tf-4Match-

CPENameOperatorVersion
siemens:simatic_step_7siemens simatic step 7lt16
siemens:simatic_step_7siemens simatic step 7eq17

CPE	Name	Operator	Version
siemens:simatic_step_7	siemens simatic step 7	lt	16
siemens:simatic_step_7	siemens simatic step 7	eq	17

CNA Affected

[
  {
    "product": "SIMATIC STEP 7 (TIA Portal) V15",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SIMATIC STEP 7 (TIA Portal) V16",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V16 Update 5"
      }
    ]
  },
  {
    "product": "SIMATIC STEP 7 (TIA Portal) V17",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V17 Update 2"
      }
    ]
  }
]

References

cert-portal.siemens.com/productcert/pdf/ssa-350757.pdf

Social References

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for CVE-2021-42029

cvelist1 nvd1 ics1 prion1