ID

VAR-201305-0214


CVE

CVE-2013-3633


TITLE

Siemens Scalance X200 Series Switch Remote Privilege Escalation Vulnerability

Trust: 0.8

sources: IVD: eea523d6-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-06561

DESCRIPTION

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The user privileges for the web interface are only enforced on client side and not properly verified on server side. Therefore, an attacker is able to execute privileged commands using an unprivileged account. Siemens Scalance X200 IRT Included in switch firmware Web The interface is vulnerable to arbitrary command execution because authentication relies on client-side authorization checks.An arbitrary command may be executed by a remotely authenticated user. The Siemens Scalance X200 series switches can be used to connect industrial components such as PLCs or HMIs. Note: Limited information is currently available regarding this issue. We will update this BID as more information emerges. There are permissions and access control vulnerabilities in Siemens SCALANCE X-200 versions earlier than V5.0.0 and SCALANCE X-200IRT versions earlier than V5.1.0. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products

Trust: 2.7

sources: NVD: CVE-2013-3633 // JVNDB: JVNDB-2013-002822 // CNVD: CNVD-2013-06561 // BID: 60165 // IVD: eea523d6-2352-11e6-abef-000c29c66e3d // VULHUB: VHN-63635

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: eea523d6-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-06561

AFFECTED PRODUCTS

vendor:siemensmodel:scalance x202-2p irtscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance x204irtscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance x200-4p irtscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xf204irtscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance x201-3p irtscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance x200irtscope:lteversion:5.0.0

Trust: 1.0

vendor:siemensmodel:scalance x202-2irtscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance x200 irtscope:ltversion:5.1.0

Trust: 0.8

vendor:siemensmodel:scalance x200-4pirtscope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance x201-3p irtscope:eqversion:none

Trust: 0.8

vendor:siemensmodel:scalance x201-3p irtscope:eqversion:pro

Trust: 0.8

vendor:siemensmodel:scalance x202-2irtscope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance x202-2p irtscope:eqversion:none

Trust: 0.8

vendor:siemensmodel:scalance x202-2p irtscope:eqversion:pro

Trust: 0.8

vendor:siemensmodel:scalance x204irtscope:eqversion:none

Trust: 0.8

vendor:siemensmodel:scalance x204irtscope:eqversion:pro

Trust: 0.8

vendor:siemensmodel:scalance xf204irtscope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance series switchesscope:eqversion:x-200

Trust: 0.6

vendor:siemensmodel:scalance x200irtscope:eqversion:5.0.0

Trust: 0.6

vendor:scalance x204irtmodel: - scope:eqversion: -

Trust: 0.4

vendor:scalance x202 2p irtmodel: - scope:eqversion: -

Trust: 0.4

vendor:scalance x201 3p irtmodel: - scope:eqversion: -

Trust: 0.4

vendor:scalance x202 2irtmodel: - scope:eqversion: -

Trust: 0.2

vendor:scalance x200 4p irtmodel: - scope:eqversion: -

Trust: 0.2

vendor:scalance xf204irtmodel: - scope:eqversion: -

Trust: 0.2

vendor:scalance x200irtmodel: - scope:eqversion:5.0.0

Trust: 0.2

sources: IVD: eea523d6-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-06561 // JVNDB: JVNDB-2013-002822 // CNNVD: CNNVD-201305-538 // NVD: CVE-2013-3633

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-3633
value: HIGH

Trust: 1.0

NVD: CVE-2013-3633
value: HIGH

Trust: 0.8

CNVD: CNVD-2013-06561
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201305-538
value: HIGH

Trust: 0.6

IVD: eea523d6-2352-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

VULHUB: VHN-63635
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2013-3633
severity: HIGH
baseScore: 8.0
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2013-06561
severity: HIGH
baseScore: 8.0
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: eea523d6-2352-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 8.0
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-63635
severity: HIGH
baseScore: 8.0
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: eea523d6-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-06561 // VULHUB: VHN-63635 // JVNDB: JVNDB-2013-002822 // CNNVD: CNNVD-201305-538 // NVD: CVE-2013-3633

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-63635 // JVNDB: JVNDB-2013-002822 // NVD: CVE-2013-3633

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201305-538

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201305-538

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-002822

PATCH

title:SSA-170686url:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-170686.pdf

Trust: 0.8

title:Patch for Siemens Scalance X200 Series Switches Remote Privilege Escalation Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/34436

Trust: 0.6

sources: CNVD: CNVD-2013-06561 // JVNDB: JVNDB-2013-002822

EXTERNAL IDS

db:NVDid:CVE-2013-3633

Trust: 3.6

db:SIEMENSid:SSA-170686

Trust: 1.7

db:ICS CERTid:ICSA-13-149-01

Trust: 1.4

db:BIDid:60165

Trust: 1.0

db:CNNVDid:CNNVD-201305-538

Trust: 0.9

db:CNVDid:CNVD-2013-06561

Trust: 0.8

db:ICS CERTid:ICSA-13-169-01

Trust: 0.8

db:JVNDBid:JVNDB-2013-002822

Trust: 0.8

db:SECUNIAid:53519

Trust: 0.6

db:IVDid:EEA523D6-2352-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:SEEBUGid:SSVID-89660

Trust: 0.1

db:VULHUBid:VHN-63635

Trust: 0.1

sources: IVD: eea523d6-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-06561 // VULHUB: VHN-63635 // BID: 60165 // JVNDB: JVNDB-2013-002822 // CNNVD: CNNVD-201305-538 // NVD: CVE-2013-3633

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-170686.pdf

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3633

Trust: 0.8

url:http://ics-cert.us-cert.gov/advisories/icsa-13-149-01

Trust: 0.8

url:https://ics-cert.us-cert.gov/advisories/icsa-13-169-01

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3633

Trust: 0.8

url:http://secunia.com/advisories/53519/

Trust: 0.6

url:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-1

Trust: 0.6

url:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-170686.pdf

Trust: 0.6

url:https://www.us-cert.gov/ics/advisories/icsa-13-149-01

Trust: 0.6

url:http://subscriber.communications.siemens.com/

Trust: 0.3

sources: CNVD: CNVD-2013-06561 // VULHUB: VHN-63635 // BID: 60165 // JVNDB: JVNDB-2013-002822 // CNNVD: CNNVD-201305-538 // NVD: CVE-2013-3633

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 60165

SOURCES

db:IVDid:eea523d6-2352-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2013-06561
db:VULHUBid:VHN-63635
db:BIDid:60165
db:JVNDBid:JVNDB-2013-002822
db:CNNVDid:CNNVD-201305-538
db:NVDid:CVE-2013-3633

LAST UPDATE DATE

2024-08-14T15:35:13.538000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2013-06561date:2013-06-04T00:00:00
db:VULHUBid:VHN-63635date:2019-12-12T00:00:00
db:BIDid:60165date:2013-06-19T06:37:00
db:JVNDBid:JVNDB-2013-002822date:2013-06-25T00:00:00
db:CNNVDid:CNNVD-201305-538date:2019-12-13T00:00:00
db:NVDid:CVE-2013-3633date:2019-12-12T20:15:11.693

SOURCES RELEASE DATE

db:IVDid:eea523d6-2352-11e6-abef-000c29c66e3ddate:2013-06-04T00:00:00
db:CNVDid:CNVD-2013-06561date:2013-06-04T00:00:00
db:VULHUBid:VHN-63635date:2013-05-24T00:00:00
db:BIDid:60165date:2013-05-24T00:00:00
db:JVNDBid:JVNDB-2013-002822date:2013-05-29T00:00:00
db:CNNVDid:CNNVD-201305-538date:2013-05-27T00:00:00
db:NVDid:CVE-2013-3633date:2013-05-24T20:55:01.737