Siemens SINEMA Remote Connect Server

🗓️ 14 Sep 2021 00:00:00Reported by Industrial Control Systems Cyber Emergency Response TeamType

ics🔗 www.cisa.gov👁 57 Views

Siemens SINEMA Remote Connect Server with vulnerabilities in Modification of Assumed-Immutable Data, Improper Access Control, Exposure of Sensitive Information, and Improper Control of Interaction Frequency. Allows unauthorized access, information retrieval, and denial-of-service attacks

Reporter	Title	Published	Views	Family All 61
Circl	CVE-2021-37183	14 Sep 202114:20	–	circl
Circl	CVE-2021-37190	14 Sep 202114:21	–	circl
Circl	CVE-2021-37191	14 Sep 202114:20	–	circl
Circl	CVE-2021-37192	14 Sep 202114:20	–	circl
Circl	CVE-2021-37193	14 Sep 202114:20	–	circl
CNNVD	Siemens SINEMA Remote Connect Server 安全漏洞	14 Sep 202100:00	–	cnnvd
CNNVD	Siemens SINEMA Remote Connect Server 信息泄露漏洞	14 Sep 202100:00	–	cnnvd
CNNVD	Siemens SINEMA Remote Connect Server 信息泄露漏洞	14 Sep 202100:00	–	cnnvd
CNNVD	Siemens SINEMA Remote Connect Server 访问控制错误漏洞	14 Sep 202100:00	–	cnnvd
CNNVD	Siemens SINEMA Remote Connect Server 安全漏洞	14 Sep 202100:00	–	cnnvd

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/csaf/ssa-334944.json
cert-portal	www.cert-portal.siemens.com/productcert/txt/ssa-334944.txt
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-334944.pdf
raw	www.raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-257-19.json
cisa	www.cisa.gov/news-events/ics-advisories/icsa-21-257-19
cisa	www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01
cisa	www.cisa.gov/resources-tools/resources/ics-recommended-practices
cisa	www.cisa.gov/topics/industrial-control-systems
us-cert	www.us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf
cisa	www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf

14 Sep 2021 00:00Current

5.8Medium risk

Vulners AI Score5.8

CVSS 23.3

CVSS 3.16.5

EPSS0.00375

SSVC