
nessusThis script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_SIEMENS_CVE-2022-34820.NASL
HistoryJul 21, 2022 - 12:00 a.m.

Siemens (CVE-2022-34820) (deprecated)

2022-07-21 00:00:00
This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
30

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions). The application does not correctly escape some user provided fields during the authentication process. This could allow an attacker to inject custom commands and execute arbitrary code with elevated privileges.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

##
# (C) Tenable, Inc.
#
# @DEPRECATED@
#
# Disabled on 2022-07-27.
##

include('compat.inc');

# Metadata registration: when the engine loads the plugin with `description`
# set, this block declares the plugin's attributes and exits. Nothing in it
# contacts a target.
if (description)
{
  script_id(500682);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/07/27");

  script_cve_id("CVE-2022-34820");

  # The name and the synopsis both mark the plugin as deprecated.
  script_name(english:"Siemens (CVE-2022-34820) (deprecated)");

  script_set_attribute(attribute:"synopsis", value:
"This plugin has been deprecated.");
  # The description still carries the advisory text: user-provided fields are
  # not correctly escaped during authentication, which could allow command
  # injection and code execution with elevated privileges.
  script_set_attribute(attribute:"description", value:
"A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All
versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU
(All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP
1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions >=
V2.0), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1
(All versions >= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All
versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >=
V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >=
V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1
(All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions),
SIPLUS S7-1200 CP 1243-1 RAIL (All versions). The application does not
correctly escape some user provided fields during the authentication
process. This could allow an attacker to inject custom commands and
execute arbitrary code with elevated privileges.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # Vendor advisory (Siemens ProductCERT SSA-517377, per the URL).
  script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf");
  # NOTE(review): the solution is "n/a" although a patch_publication_date is
  # set below and the description gives a fixed boundary (< V3.0.22) for the
  # CP 1543-1 models; remediation guidance has to come from the see_also
  # advisory, not from this plugin's output.
  script_set_attribute(attribute:"solution", value:
"n/a");
  # Both vectors rate the flaw as network-reachable, unauthenticated
  # (Au:N / PR:N) and with full C/I/A impact.
  # NOTE(review): the v2 vector uses AC:M while the v3 vector uses AC:L;
  # cvss_score_source attributes the scoring to the CVE record.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-34820");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  # CWE-77: command injection, matching the missing escaping described above.
  script_cwe_id(77);

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/07/12");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/07/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/07/21");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  # NOTE(review): only five SIPLUS firmware CPEs are declared, while the
  # description names fifteen product lines (the SIMATIC CP and SIPLUS NET
  # models have no CPE here). Asset matching by these CPEs alone would not
  # cover every affected product; confirm the full list against the advisory.
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_et_200sp_cp_1543sp-1_isec_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1200_cp_1243-1_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1200_cp_1243-1_rail_firmware");
  script_end_attributes();

  # Declared as an information-gathering plugin in the Tenable.ot family.
  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # Scheduled after the Tenable.ot API integration plugin and gated on the
  # "Tenable.ot/Siemens" KB key; presumably that key is populated from
  # Tenable.ot asset data rather than from a network probe (confirm).
  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Siemens");

  # End of the metadata pass.
  exit(0);
}

# Deprecated plugin body: execution always stops here with the deprecation
# message, so the script performs no check for CVE-2022-34820 and never
# reports a finding. A clean result from this plugin says nothing about
# whether a device is affected.
exit(0, "This plugin has been deprecated.");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| siemens | siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware | | cpe:/o:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware |
| siemens | siplus_et_200sp_cp_1543sp-1_isec_firmware | | cpe:/o:siemens:siplus_et_200sp_cp_1543sp-1_isec_firmware |
| siemens | siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware | | cpe:/o:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware |
| siemens | siplus_s7-1200_cp_1243-1_firmware | | cpe:/o:siemens:siplus_s7-1200_cp_1243-1_firmware |
| siemens | siplus_s7-1200_cp_1243-1_rail_firmware | | cpe:/o:siemens:siplus_s7-1200_cp_1243-1_rail_firmware |