Lucene search

SiemensCVELIST:CVE-2020-15791

HistorySep 09, 2020 - 6:13 p.m.

CVE-2020-15791

2020-09-0918:13:11

CWE-522

siemens

www.cve.org

simatic

s7-300

s7-400

authentication

vulnerability

iso-tsap

network traffic

credentials

sinumerik 840d

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

26.0%

JSON

A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions), SINUMERIK 840D sl (All versions). The authentication protocol between a client and a PLC via port 102/tcp (ISO-TSAP) insufficiently protects the transmitted password. This could allow an attacker that is able to intercept the network traffic to obtain valid PLC credentials.

CNA Affected

[
  {
    "product": "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SIMATIC S7-400 CPU family (incl. SIPLUS variants)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SIMATIC WinAC RTX (F) 2010",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "product": "SINUMERIK 840D sl",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  }
]

References

cert-portal.siemens.com/productcert/pdf/ssa-381684.pdf