Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_SIEMENS_CVE-2020-28396.NASL
HistoryFeb 07, 2022 - 12:00 a.m.

Siemens SICAM A8000 RTUs Protection Mechanism Failure (CVE-2020-28396)

2022-02-0700:00:00
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
4

4.9 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

0.001 Low

EPSS

Percentile

24.1%

JSON

A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP-8021 (All versions < V16), SICAM A8000 CP-8022 (All versions < V16). A web server misconfiguration of the affected device can cause insecure ciphers usage by a users browser. An attacker in a privileged position could decrypt the communication and compromise confidentiality and integrity of the transmitted information.

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(500432);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/04");

  script_cve_id("CVE-2020-28396");

  script_name(english:"Siemens SICAM A8000 RTUs Protection Mechanism Failure (CVE-2020-28396)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP-8021 (All versions <
V16), SICAM A8000 CP-8022 (All versions < V16). A web server misconfiguration of the affected device can cause insecure
ciphers usage by a users browser. An attacker in a privileged position could decrypt the communication and compromise
confidentiality and integrity of the transmitted information.  

This plugin only works with Tenable.ot. Please visit
https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-415783.pdf");
  script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-20-343-07");
  script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-21-062/");
  script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.

Siemens recommends users update to the latest version, v16. Siemens also recommends users configure the browser to
accept only secure ciphers.

As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate
mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the
environment according to the Siemens operational guidelines for industrial security and following the recommendations in
the product manuals.

For additional information, please refer to Siemens Security Advisory SSA-415783");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-28396");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(693);

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/12/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/12/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/07");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:sicam_a8000_cp-8000_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:sicam_a8000_cp-8021_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:sicam_a8000_cp-8022_firmware");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Siemens");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Siemens');

var asset = tenable_ot::assets::get(vendor:'Siemens');

var vuln_cpes = {
    "cpe:/o:siemens:sicam_a8000_cp-8000_firmware" :
        {"versionEndExcluding" : "16", "family" : "SicamA8000CP800"},
    "cpe:/o:siemens:sicam_a8000_cp-8021_firmware" :
        {"versionEndExcluding" : "16", "family" : "SicamA8000CP802"},
    "cpe:/o:siemens:sicam_a8000_cp-8022_firmware" :
        {"versionEndExcluding" : "16", "family" : "SicamA8000CP802"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
VendorProductVersionCPE
siemenssicam_a8000_cp-8000_firmwarecpe:/o:siemens:sicam_a8000_cp-8000_firmware
siemenssicam_a8000_cp-8021_firmwarecpe:/o:siemens:sicam_a8000_cp-8021_firmware
siemenssicam_a8000_cp-8022_firmwarecpe:/o:siemens:sicam_a8000_cp-8022_firmware

Related

cve 1
nvd 1
cvelist 1
nessus 1
ics 1
prion 1
cve
cve
CVE-2020-28396
2020-12-14 21:15:21
nvd
nvd
CVE-2020-28396
2020-12-14 21:15:21
cvelist
cvelist
CVE-2020-28396
2020-12-14 21:05:19
nessus
nessus
Siemens Sicam Protection Mechanism Failure
2021-08-10 00:00:00
ics
ics
Siemens SICAM A8000 RTUs
2020-12-08 12:00:00
prion
prion
Information disclosure
2020-12-14 21:15:00

4.9 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

0.001 Low

EPSS

Percentile

24.1%

JSON
Related for TENABLE_OT_SIEMENS_CVE-2020-28396.NASL
cve1nvd1cvelist1nessus1ics1prion1