Lucene search
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_SIEMENS_CVE-2022-38773.NASLHistoryJan 25, 2023 - 12:00 a.m.
Siemens S7-1500 CPU devices Missing Immutable Root of Trust in Hardware (CVE-2022-38773)
2023-01-2500:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
37
siemens
s7-1500
cpus
immutable root of trust
cve-2022-38773
hardware
integrity
code execution
vulnerable
tenable.ot
advisory
Affected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary code.
This plugin does not check the S7-1500 order number.
If your order number is one of :
SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0) SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0) SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0) SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0) SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0) SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0) or newer (6ESxxxx-xxxx-xxxx), this plugin may fire but the device is not vulnerable/is not known to be vulnerable.
Refer to vendor advisory for more details.
https://cert-portal.siemens.com/productcert/pdf/ssa-482757.pdf
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(500727);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/04");
script_cve_id("CVE-2022-38773");
script_name(english:"Siemens S7-1500 CPU devices Missing Immutable Root of Trust in Hardware (CVE-2022-38773)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"Affected devices do not contain an Immutable Root of Trust in
Hardware. With this the integrity of the code executed on the device
can not be validated during load-time. An attacker with physical
access to the device could use this to replace the boot image of the
device and execute arbitrary code.
This plugin does not check the S7-1500 order number.
If your order number is one of :
SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)
SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)
SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)
SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)
SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)
SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)
or newer (6ESxxxx-xxxx-xxxx),
this plugin may fire but the device is not vulnerable/is not known to be vulnerable.
Refer to vendor advisory for more details.
https://cert-portal.siemens.com/productcert/pdf/ssa-482757.pdf
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-482757.pdf");
script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-23-012-08");
script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.
Siemens identified the following specific workarounds and mitigations users can apply to reduce risk:
- Restrict physical access to affected devices to trusted personnel to avoid hardware tampering, such as placing devices
in locked control cabinets.
As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate
mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment
according to Siemens' operational guidelines for industrial security, and follow the recommendations in the product
manuals. Siemens has published additional information on industrial security.
Siemens has released the following new hardware versions of the S7-1500 product family, which contain a new secure boot
mechanism that resolves the vulnerability:
- SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AL03-0AB0)
- SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AM03-0AB0)
- SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FL03-0AB0)
- SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FM03-0AB0)
- SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0)
- SIMATIC S7-1500 CPU 1515R-2 PN (6ES7515-2RN03-0AB0)
Siemens is working on new hardware versions for additional PLC types to address this vulnerability further.
For further inquiries on security vulnerabilities in Siemens products and solutions, users should contact Siemens
ProductCERT.
For more information, see the associated Siemens security advisory SSA-482757 in HTML and CSAF.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-38773");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/01/10");
script_set_attribute(attribute:"patch_publication_date", value:"2023/01/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/01/25");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_drive_controller_cpu_1504d_tf_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_drive_controller_cpu_1507d_tf_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1510sp-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1510sp_f-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1511-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1511c-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1511f-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1511t-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1511tf-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1512c-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1512sp-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1512sp_f-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1513-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1513f-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1513pro-2_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1513pro_f-2_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1513r-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1515-2_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1515f-2_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1515r-2_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1515t-2_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1515tf-2_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1516-3_pn%2fdp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1516f-3_pn%2fdp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1516pro-2_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1516pro_f-2_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1516t-3_pn%2fdp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1516tf-3_pn%2fdp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1517-3_pn%2fdp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1517f-3_pn%2fdp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1517h-3_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1517t-3_pn%2fdp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1517tf-3_pn%2fdp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1518-4_pn%2fdp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1518-4_pn%2fdp_mfp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1518-4f_pn%2fdp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1518f-4_pn%2fdp_mfp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1518hf-4_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1518t-4_pn%2fdp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_1518tf-4_pn%2fdp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_s7-1518-4_pn%2fdp_odk_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7-1500_cpu_s7-1518f-4_pn%2fdp_odk_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_et_200sp_cpu_1510sp-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_et_200sp_cpu_1510sp-1_pn_rail_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_et_200sp_cpu_1510sp_f-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_et_200sp_cpu_1510sp_f-1_pn_rail_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_et_200sp_cpu_1512sp-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_et_200sp_cpu_1512sp-1_pn_rail_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_et_200sp_cpu_1512sp_f-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_et_200sp_cpu_1512sp_f-1_pn_rail_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1511-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1511-1_pn_t1_rail_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1511-1_pn_tx_rail_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1511f-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1513-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1513f-1_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1515f-2_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1515f-2_pn_rail_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1515f-2_pn_t2_rail_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1515r-2_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1515r-2_pn_tx_rail_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1516-3_pn%2fdp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1516-3_pn%2fdp_rail_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1516-3_pn%2fdp_tx_rail_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1516f-3_pn%2fdp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1516f-3_pn%2fdp_rail_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1517h-3_pn_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1518-4_pn%2fdp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1518-4_pn%2fdp_mfp_firmware:-");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:siplus_s7-1500_cpu_1518f-4_pn%2fdp_firmware:-");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/Siemens");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/Siemens');
var asset = tenable_ot::assets::get(vendor:'Siemens');
var vuln_cpes = {
"cpe:/o:siemens:simatic_drive_controller_cpu_1504d_tf_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_drive_controller_cpu_1507d_tf_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1510sp_f-1_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1510sp-1_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1511-1_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1511c-1_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1511f-1_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1511t-1_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1511tf-1_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1512c-1_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1512sp_f-1_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1512sp-1_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1513-1_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1513f-1_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1513r-1_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1515-2_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1515f-2_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1515r-2_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1515t-2_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1515tf-2_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1516-3_pn%2fdp_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1516f-3_pn%2fdp_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1516t-3_pn%2fdp_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1516tf-3_pn%2fdp_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1517-3_pn%2fdp_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1517f-3_pn%2fdp_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1517h-3_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1517t-3_pn%2fdp_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1517tf-3_pn%2fdp_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1518-4_pn%2fdp_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1518-4_pn%2fdp_mfp_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1518-4f_pn%2fdp_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1518f-4_pn%2fdp_mfp_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1518hf-4_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1518t-4_pn%2fdp_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1518tf-4_pn%2fdp_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_s7-1518-4_pn%2fdp_odk_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_s7-1518f-4_pn%2fdp_odk_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1513pro_f-2_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1513pro-2_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1516pro_f-2_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:simatic_s7-1500_cpu_1516pro-2_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_et_200sp_cpu_1510sp_f-1_pn_firmware:-" :
{"family" : "ET200"},
"cpe:/o:siemens:siplus_et_200sp_cpu_1510sp_f-1_pn_rail_firmware:-" :
{"family" : "ET200"},
"cpe:/o:siemens:siplus_et_200sp_cpu_1510sp-1_pn_firmware:-" :
{"family" : "ET200"},
"cpe:/o:siemens:siplus_et_200sp_cpu_1510sp-1_pn_rail_firmware:-" :
{"family" : "ET200"},
"cpe:/o:siemens:siplus_et_200sp_cpu_1512sp_f-1_pn_firmware:-" :
{"family" : "ET200"},
"cpe:/o:siemens:siplus_et_200sp_cpu_1512sp_f-1_pn_rail_firmware:-" :
{"family" : "ET200"},
"cpe:/o:siemens:siplus_et_200sp_cpu_1512sp-1_pn_firmware:-" :
{"family" : "ET200"},
"cpe:/o:siemens:siplus_et_200sp_cpu_1512sp-1_pn_rail_firmware:-" :
{"family" : "ET200"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1511-1_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1511-1_pn_t1_rail_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1511-1_pn_tx_rail_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1511f-1_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1513-1_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1513f-1_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1515f-2_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1515f-2_pn_rail_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1515f-2_pn_t2_rail_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1515r-2_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1515r-2_pn_tx_rail_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1516-3_pn%2fdp_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1516-3_pn%2fdp_rail_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1516-3_pn%2fdp_tx_rail_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1516f-3_pn%2fdp_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1516f-3_pn%2fdp_rail_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1517h-3_pn_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1518-4_pn%2fdp_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1518-4_pn%2fdp_mfp_firmware:-" :
{"family" : "S71500"},
"cpe:/o:siemens:siplus_s7-1500_cpu_1518f-4_pn%2fdp_firmware:-" :
{"family" : "S71500"}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| siemens | simatic_drive_controller_cpu_1504d_tf_firmware | - | cpe:/o:siemens:simatic_drive_controller_cpu_1504d_tf_firmware:- |
| siemens | simatic_drive_controller_cpu_1507d_tf_firmware | - | cpe:/o:siemens:simatic_drive_controller_cpu_1507d_tf_firmware:- |
| siemens | simatic_s7-1500_cpu_1510sp-1_pn_firmware | - | cpe:/o:siemens:simatic_s7-1500_cpu_1510sp-1_pn_firmware:- |
| siemens | simatic_s7-1500_cpu_1510sp_f-1_pn_firmware | - | cpe:/o:siemens:simatic_s7-1500_cpu_1510sp_f-1_pn_firmware:- |
| siemens | simatic_s7-1500_cpu_1511-1_pn_firmware | - | cpe:/o:siemens:simatic_s7-1500_cpu_1511-1_pn_firmware:- |
| siemens | simatic_s7-1500_cpu_1511c-1_pn_firmware | - | cpe:/o:siemens:simatic_s7-1500_cpu_1511c-1_pn_firmware:- |
| siemens | simatic_s7-1500_cpu_1511f-1_pn_firmware | - | cpe:/o:siemens:simatic_s7-1500_cpu_1511f-1_pn_firmware:- |
| siemens | simatic_s7-1500_cpu_1511t-1_pn_firmware | - | cpe:/o:siemens:simatic_s7-1500_cpu_1511t-1_pn_firmware:- |
| siemens | simatic_s7-1500_cpu_1511tf-1_pn_firmware | - | cpe:/o:siemens:simatic_s7-1500_cpu_1511tf-1_pn_firmware:- |
| siemens | simatic_s7-1500_cpu_1512c-1_pn_firmware | - | cpe:/o:siemens:simatic_s7-1500_cpu_1512c-1_pn_firmware:- |
Related
thn
thn
Over 100 Siemens PLC Models Found Vulnerable to Firmware Takeover
2023-01-12 14:27:00
cve
cve
CVE-2022-38773
2023-01-10 12:15:23
cnvd
cnvd
Siemens S7-1500 CPU devices have an unspecified vulnerability
2023-01-13 00:00:00
prion
prion
Code injection
2023-01-10 12:15:00
nvd
nvd
CVE-2022-38773
2023-01-10 12:15:23
ics
ics
Siemens S7-1500 CPU devices
2023-01-13 12:00:00
cvelist
cvelist
CVE-2022-38773
2023-01-10 11:39:37
6.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.1%
Related for TENABLE_OT_SIEMENS_CVE-2022-38773.NASL