CVSS: 8.8EPSS: 0%CPEs: 15EXPL: 0CVE-2021-31894
https://notcve.org/view.php?id=CVE-2021-31894
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). A directory containing metafiles relevant to devices' configurations has write permissions. An attacker could leverage this vulnerability by changing the content of certain metafiles and subsequently manipulate parameters or behavior of devices that would be later configured by the affected software. Se ha identificado una vulnerabilidad en SIMATIC PCS 7 V8.2 y anteriores (Todas las versiones), SIMATIC PCS 7 V9.X (Todas las versiones anteriores a V9.1 SP2), SIMATIC PDM (Todas las versiones anteriores a V9.2 SP2), SIMATIC STEP 7 V5.X (Todas las versiones anteriores a V5.7), SINAMICS STARTER (que contiene la versión OEM de STEP 7) (Todas las versiones anteriores a V5.4 SP2 HF1). Un directorio que contiene metafichas relevantes para las configuraciones de los dispositivos tiene permisos de escritura. • https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2021-31893
https://notcve.org/view.php?id=CVE-2021-31893
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution. Se ha identificado una vulnerabilidad en SIMATIC PCS 7 versiones V8.2 y anteriores (Todas las versiones), SIMATIC PCS 7 versiones V9.0 (Todas las versiones anteriores a V9.0 SP3), SIMATIC PDM (Todas las versiones anteriores a V9.2), SIMATIC STEP 7 versiones V5.X (Todas las versiones anteriores a V5.6 SP2 HF3), SINAMICS STARTER (que contiene la versión OEM de STEP 7) (Todas las versiones anteriores a V5.4 HF2). El software afectado contiene una vulnerabilidad de desbordamiento de búfer mientras se manejan determinados archivos que podría permitir a un atacante local desencadenar una condición de denegación de servicio o potencialmente conllevar a una ejecución de código remota • https://cert-portal.siemens.com/productcert/pdf/ssa-641963.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2020-7586
https://notcve.org/view.php?id=CVE-2020-7586
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information. • https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05 https://www.us-cert.gov/ics/advisories/icsa-20-161-05 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2020-7585
https://notcve.org/view.php?id=CVE-2020-7585
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information. • https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05 https://www.us-cert.gov/ics/advisories/icsa-20-161-05 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.2EPSS: 0%CPEs: 44EXPL: 0CVE-2020-7580
https://notcve.org/view.php?id=CVE-2020-7580
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges. Se ha identificado una vulnerabilidad en SIMATIC Automation Tool (Todas las versiones anteriores a la versión V4 SP2), SIMATIC NET PC Software V14 (Todas las versiones anteriores a la versión V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones), SIMATIC NET PC Software V16 (Todas las versiones anteriores a la versión V16 Upd3), SIMATIC PCS neo (Todas las versiones anteriores a la versión V3.0 SP1), SIMATIC ProSave (Todas las versiones anteriores a la versión V17), SIMATIC S7-1500 Software Controller (Todas las versiones anteriores a la versión V21. 8), SIMATIC STEP 7 (Todas las versiones anteriores a la versión V5.6 SP2 HF3), SIMATIC STEP 7 (TIA Portal) V13 (Todas las versiones anteriores a la versión V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (Todas las versiones anteriores a la versión V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (Todas las versiones anteriores a la versión V15. 1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (Todas las versiones anteriores a la versión V16 Update 2), SIMATIC WinCC OA V3.16 (Todas las versiones anteriores a la versión V3.16 P018), SIMATIC WinCC OA V3. 17 (Todas las versiones anteriores a la versión V3.17 P003), SIMATIC WinCC Runtime Advanced (Todas las versiones anteriores a la versión V16 Update 2), SIMATIC WinCC Runtime Professional V13 (Todas las versiones anteriores a la versión V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (Todas las versiones anteriores a la versión V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (Todas las versiones anteriores a la versión V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (Todas las versiones anteriores a la versión V16 Update 2), SIMATIC WinCC V7. 4 (Todas las versiones anteriores a la versión V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (Todas las versiones anteriores a la versión V7.5 SP1 Update 3), SINAMICS STARTER (Todas las versiones anteriores a la versión V5.4 HF2), SINAMICS Startdrive (Todas las versiones anteriores a la versión V16 Update 3), SINEC NMS (Todas las versiones anteriores a la versión V1. 0 SP2), SINEMA Server (Todas las versiones anteriores a la versión V14 SP3), SINUMERIK ONE virtual (Todas las versiones anteriores a la versión V6.14), SINUMERIK Operate (Todas las versiones anteriores a la versión V6.14). Un componente dentro de la aplicación afectada llama regularmente a un binario de ayuda con privilegios de SISTEMA mientras la ruta de llamada no está citada • https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04 • CWE-428: Unquoted Search Path or Element •