Details of VAR-201408-0173

ID

VAR-201408-0173

CVE

CVE-2014-5074

TITLE

Siemens SIMATIC S7-1500 CPU Service disruption in device firmware (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-003841

DESCRIPTION

Siemens SIMATIC S7-1500 CPU devices with firmware before 1.6 allow remote attackers to cause a denial of service (device restart and STOP transition) via crafted TCP packets. Siemens SIMATIC is an automation software in a single engineering environment. A denial of service vulnerability exists in Siemens SIMATIC S7-1500 that can be exploited by remote attackers to initiate a denial of service attack. Siemens SIMATIC S7-1500 is prone to a denial-of-service vulnerability. Versions prior to SIMATIC S7-1500 1.6 are vulnerable. A security vulnerability exists in Siemens SIMATIC S7-1500 CPU devices with firmware versions earlier than 1.6

Trust: 2.88

sources: NVD: CVE-2014-5074 // JVNDB: JVNDB-2014-003841 // CNVD: CNVD-2014-05089 // BID: 69241 // IVD: de296c3e-2351-11e6-abef-000c29c66e3d // IVD: 07790750-e4ab-435f-8d3a-05ddbc049c23 // VULHUB: VHN-73015

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 1.0

sources: IVD: de296c3e-2351-11e6-abef-000c29c66e3d // IVD: 07790750-e4ab-435f-8d3a-05ddbc049c23 // CNVD: CNVD-2014-05089

AFFECTED PRODUCTS

vendor:	siemens	model:	simatic s7-1500 cpu	scope:	eq	version:	1.1.0	Trust: 1.6
vendor:	siemens	model:	simatic s7-1500 cpu	scope:	eq	version:	1.5	Trust: 1.6
vendor:	siemens	model:	simatic s7-1500 cpu	scope:	eq	version:	1.1.2	Trust: 1.6
vendor:	siemens	model:	simatic s7-1500 cpu	scope:	eq	version:	1.1.1	Trust: 1.6
vendor:	siemens	model:	simatic s7-1500 cpu	scope:	eq	version:	1.0.1	Trust: 1.6
vendor:	siemens	model:	simatic s7-1516f-3 pn\/dp cpu	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	simatic s7-1500 cpu	scope:	lte	version:	1.5.1	Trust: 1.0
vendor:	siemens	model:	simatic s7-1511-1 pn cpu	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	simatic s7-1513-1 pn cpu	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	simatic s7-1518f-4 pn\/dp cpu	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	simatic s7-1515-2 pn cpu	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	simatic s7-1518-4 pn\/dp cpu	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	simatic s7-1516-3 pn\/dp cpu	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	simatic s7-1500 cpu	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic s7-1500 cpu	scope:	lt	version:	1.6	Trust: 0.8
vendor:	siemens	model:	simatic s7-1500	scope:	eq	version:	1.6	Trust: 0.6
vendor:	siemens	model:	simatic s7-1500 cpu	scope:	eq	version:	1.5.1	Trust: 0.6
vendor:	simatic s7 1500 cpu	model:	-	scope:	eq	version:	1.0.1	Trust: 0.4
vendor:	simatic s7 1500 cpu	model:	-	scope:	eq	version:	1.1.0	Trust: 0.4
vendor:	simatic s7 1500 cpu	model:	-	scope:	eq	version:	1.1.1	Trust: 0.4
vendor:	simatic s7 1500 cpu	model:	-	scope:	eq	version:	1.1.2	Trust: 0.4
vendor:	simatic s7 1500 cpu	model:	-	scope:	eq	version:	1.5	Trust: 0.4
vendor:	simatic s7 1500 cpu	model:	-	scope:	lte	version:	<=1.5.1	Trust: 0.4
vendor:	simatic s7 1511 1 pn cpu	model:	-	scope:	eq	version:	-	Trust: 0.4
vendor:	simatic s7 1513 1 pn cpu	model:	-	scope:	eq	version:	-	Trust: 0.4
vendor:	simatic s7 1515 2 pn cpu	model:	-	scope:	eq	version:	-	Trust: 0.4
vendor:	simatic s7 1516 3 pn dp cpu	model:	-	scope:	eq	version:	-	Trust: 0.4
vendor:	simatic s7 1516f 3 pn dp cpu	model:	-	scope:	eq	version:	-	Trust: 0.4
vendor:	simatic s7 1518 4 pn dp cpu	model:	-	scope:	eq	version:	-	Trust: 0.4
vendor:	simatic s7 1518f 4 pn dp cpu	model:	-	scope:	eq	version:	-	Trust: 0.4
vendor:	siemens	model:	simatic s7-1500	scope:	eq	version:	1.5.0	Trust: 0.3
vendor:	siemens	model:	simatic s7-1500	scope:	ne	version:	1.6	Trust: 0.3

sources: IVD: de296c3e-2351-11e6-abef-000c29c66e3d // IVD: 07790750-e4ab-435f-8d3a-05ddbc049c23 // CNVD: CNVD-2014-05089 // BID: 69241 // JVNDB: JVNDB-2014-003841 // CNNVD: CNNVD-201408-273 // NVD: CVE-2014-5074

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-5074
value:	HIGH
Trust: 1.0
NVD:	CVE-2014-5074
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2014-05089
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201408-273
value:	HIGH
Trust: 0.6
IVD:	de296c3e-2351-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2
IVD:	07790750-e4ab-435f-8d3a-05ddbc049c23
value:	HIGH
Trust: 0.2
VULHUB:	VHN-73015
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2014-5074
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2014-05089
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	de296c3e-2351-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	07790750-e4ab-435f-8d3a-05ddbc049c23
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-73015
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: de296c3e-2351-11e6-abef-000c29c66e3d // IVD: 07790750-e4ab-435f-8d3a-05ddbc049c23 // CNVD: CNVD-2014-05089 // VULHUB: VHN-73015 // JVNDB: JVNDB-2014-003841 // CNNVD: CNNVD-201408-273 // NVD: CVE-2014-5074

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2014-5074

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201408-273

TYPE

Denial of service

Trust: 0.4

sources: IVD: de296c3e-2351-11e6-abef-000c29c66e3d // IVD: 07790750-e4ab-435f-8d3a-05ddbc049c23

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-003841

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-73015

PATCH

title:	SSA-310688	url:	http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-310688.pdf	Trust: 0.8
title:	Patch for Siemens SIMATIC S7-1500 Denial of Service Vulnerability (CNVD-2014-05089)	url:	https://www.cnvd.org.cn/patchInfo/show/49047	Trust: 0.6

sources: CNVD: CNVD-2014-05089 // JVNDB: JVNDB-2014-003841

EXTERNAL IDS

db:	NVD	id:	CVE-2014-5074	Trust: 3.8
db:	ICS CERT	id:	ICSA-14-226-01	Trust: 2.8
db:	SIEMENS	id:	SSA-310688	Trust: 1.7
db:	CNNVD	id:	CNNVD-201408-273	Trust: 1.1
db:	EXPLOIT-DB	id:	44693	Trust: 1.1
db:	CNVD	id:	CNVD-2014-05089	Trust: 1.0
db:	BID	id:	69241	Trust: 1.0
db:	JVNDB	id:	JVNDB-2014-003841	Trust: 0.8
db:	IVD	id:	DE296C3E-2351-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	IVD	id:	07790750-E4AB-435F-8D3A-05DDBC049C23	Trust: 0.2
db:	SEEBUG	id:	SSVID-89604	Trust: 0.1
db:	VULHUB	id:	VHN-73015	Trust: 0.1

sources: IVD: de296c3e-2351-11e6-abef-000c29c66e3d // IVD: 07790750-e4ab-435f-8d3a-05ddbc049c23 // CNVD: CNVD-2014-05089 // VULHUB: VHN-73015 // BID: 69241 // JVNDB: JVNDB-2014-003841 // CNNVD: CNNVD-201408-273 // NVD: CVE-2014-5074

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-14-226-01	Trust: 2.8
url:	http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-310688.pdf	Trust: 1.7
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-310688.pdf	Trust: 1.1
url:	https://www.exploit-db.com/exploits/44693/	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5074	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-5074	Trust: 0.8
url:	http://www.securityfocus.com/bid/69241	Trust: 0.6
url:	http://support.automation.siemens.com/ww/llisapi.dll?func=cslib.csinfo&lang=en&objid=98164677&caller=view	Trust: 0.3
url:	http://www.siemens.com/	Trust: 0.3
url:	http://www.automation.siemens.com/mcms/programmable-logic-controller/en/simatic-s7-controller/s7-1500/pages/default.aspx	Trust: 0.3

sources: CNVD: CNVD-2014-05089 // VULHUB: VHN-73015 // BID: 69241 // JVNDB: JVNDB-2014-003841 // CNNVD: CNNVD-201408-273 // NVD: CVE-2014-5074

CREDITS

Arnaud Ebalard from Agence Nationale de la Sécurité des Systèmes d??Information (ANSSI).

Trust: 0.3

sources: BID: 69241

SOURCES

db:	IVD	id:	de296c3e-2351-11e6-abef-000c29c66e3d
db:	IVD	id:	07790750-e4ab-435f-8d3a-05ddbc049c23
db:	CNVD	id:	CNVD-2014-05089
db:	VULHUB	id:	VHN-73015
db:	BID	id:	69241
db:	JVNDB	id:	JVNDB-2014-003841
db:	CNNVD	id:	CNNVD-201408-273
db:	NVD	id:	CVE-2014-5074

LAST UPDATE DATE

2024-11-23T22:59:39.699000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2014-05089	date:	2014-08-20T00:00:00
db:	VULHUB	id:	VHN-73015	date:	2018-05-25T00:00:00
db:	BID	id:	69241	date:	2014-08-14T00:00:00
db:	JVNDB	id:	JVNDB-2014-003841	date:	2014-08-19T00:00:00
db:	CNNVD	id:	CNNVD-201408-273	date:	2014-08-19T00:00:00
db:	NVD	id:	CVE-2014-5074	date:	2024-11-21T02:11:22.020

SOURCES RELEASE DATE

db:	IVD	id:	de296c3e-2351-11e6-abef-000c29c66e3d	date:	2014-08-20T00:00:00
db:	IVD	id:	07790750-e4ab-435f-8d3a-05ddbc049c23	date:	2014-08-20T00:00:00
db:	CNVD	id:	CNVD-2014-05089	date:	2014-08-19T00:00:00
db:	VULHUB	id:	VHN-73015	date:	2014-08-17T00:00:00
db:	BID	id:	69241	date:	2014-08-14T00:00:00
db:	JVNDB	id:	JVNDB-2014-003841	date:	2014-08-19T00:00:00
db:	CNNVD	id:	CNNVD-201408-273	date:	2014-08-19T00:00:00
db:	NVD	id:	CVE-2014-5074	date:	2014-08-17T23:55:07.650