CVE-2020-7586

Severity Score

7.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.

Se ha identificado una vulnerabilidad en SIMATIC PCS 7 versión V8.2 y anteriores (Todas las versiones), SIMATIC PCS 7 V9.0 (Todas las versiones anteriores a V9.0 SP3), SIMATIC PDM (Todas las versiones anteriores a V9.2), SIMATIC STEP 7 V5.X (Todas las versiones anteriores a V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (Todas las versiones anteriores a V5.4 HF2). Una vulnerabilidad de desbordamiento del búfer podría permitir a un atacante local causar una situación de Denegación de Servicio. La vulnerabilidad de seguridad podría ser explotada por parte de un atacante con acceso local a los sistemas afectados. Una explotación con éxito podría requerir privilegios de usuario pero no una interacción del usuario. La vulnerabilidad podría permitir a un atacante comprometer la disponibilidad del sistema, así como tener acceso a información confidencial

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2020-01-21 CVE Reserved
2020-06-10 CVE Published
2024-05-01 EPSS Updated
2024-08-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-122: Heap-based Buffer Overflow
CWE-787: Out-of-bounds Write

CAPEC

References (3)

URL	Tag	Source
https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05	X_refsource_confirm
https://www.us-cert.gov/ics/advisories/icsa-20-161-05	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf	2021-04-22

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Siemens Search vendor "Siemens"		Simatic Pcs 7 Search vendor "Siemens" for product "Simatic Pcs 7"				*		-		Affected
Siemens Search vendor "Siemens"		Simatic Process Device Manager Search vendor "Siemens" for product "Simatic Process Device Manager"				*		-		Affected
Siemens Search vendor "Siemens"		Simatic Step 7 Search vendor "Siemens" for product "Simatic Step 7"				< 5.6 Search vendor "Siemens" for product "Simatic Step 7" and version " < 5.6"		-		Affected
Siemens Search vendor "Siemens"		Simatic Step 7 Search vendor "Siemens" for product "Simatic Step 7"				5.6 Search vendor "Siemens" for product "Simatic Step 7" and version "5.6"		-		Affected
Siemens Search vendor "Siemens"		Simatic Step 7 Search vendor "Siemens" for product "Simatic Step 7"				5.6 Search vendor "Siemens" for product "Simatic Step 7" and version "5.6"		sp1		Affected
Siemens Search vendor "Siemens"		Simatic Step 7 Search vendor "Siemens" for product "Simatic Step 7"				5.6 Search vendor "Siemens" for product "Simatic Step 7" and version "5.6"		sp2		Affected
Siemens Search vendor "Siemens"		Simatic Step 7 Search vendor "Siemens" for product "Simatic Step 7"				5.6 Search vendor "Siemens" for product "Simatic Step 7" and version "5.6"		sp2_hotfix1		Affected
Siemens Search vendor "Siemens"		Sinamics Starter Search vendor "Siemens" for product "Sinamics Starter"				< 5.4 Search vendor "Siemens" for product "Sinamics Starter" and version " < 5.4"		-		Affected
Siemens Search vendor "Siemens"		Sinamics Starter Search vendor "Siemens" for product "Sinamics Starter"				5.4 Search vendor "Siemens" for product "Sinamics Starter" and version "5.4"		-		Affected