Lucene search

SiemensCVELIST:CVE-2024-31484

HistoryMay 14, 2024 - 10:02 a.m.

CVE-2024-31484

2024-05-1410:02:23

CWE-170

siemens

www.cve.org

vulnerability

cpc80

cpci85

code execution

denial of service

http header

null termination

firmware

attack

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.3 High

CVSS4

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

PASSIVE

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

A vulnerability has been identified in CPC80 Central Processing/Communication (All versions < V16.41), CPCI85 Central Processing/Communication (All versions < V5.30), CPCX26 Central Processing/Communication (All versions < V06.02), ETA4 Ethernet Interface IEC60870-5-104 (All versions < V10.46), ETA5 Ethernet Int. 1x100TX IEC61850 Ed.2 (All versions < V03.27), PCCX26 Ax 1703 PE, Contr, Communication Element (All versions < V06.05). The affected devices contain an improper null termination vulnerability while parsing a specific HTTP header. This could allow an attacker to execute code in the context of the current process or lead to denial of service condition.

CNA Affected

[
  {
    "vendor": "Siemens",
    "product": "CPC80 Central Processing/Communication",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V16.41",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "CPCI85 Central Processing/Communication",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V5.30",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "CPCX26 Central Processing/Communication",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V06.02",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "ETA4 Ethernet Interface IEC60870-5-104",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V10.46",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "ETA5 Ethernet Int. 1x100TX IEC61850 Ed.2",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V03.27",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "PCCX26 Ax 1703 PE, Contr, Communication Element",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V06.05",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

cert-portal.siemens.com/productcert/html/ssa-620338.html

cert-portal.siemens.com/productcert/html/ssa-871704.html

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.3 High

CVSS4

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

PASSIVE

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVELIST:CVE-2024-31484