Details of VAR-201610-0193

ID

VAR-201610-0193

CVE

CVE-2016-7960

TITLE

Siemens SIMATIC STEP 7 Vulnerability in which important setting information is obtained

Trust: 0.8

sources: JVNDB: JVNDB-2016-005413

DESCRIPTION

Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors. Siemens SIMATIC is an automation software in a single engineering environment. An information disclosure vulnerability exists in Siemens SIMATIC STEP 7 V12 and V13. SIMATIC STEP 7 (TIA Portal) is prone to mutliple local information-disclosure vulnerabilities. Attackers can exploit these issues to obtain sensitive information that may aid in launching further attacks. All versions of SIMATIC STEP 7 (TIA Portal) v14 are affected. Siemens SIMATIC STEP 7 (TIA Portal) is a set of programming software for SIMATIC controllers from Siemens, Germany. The software provides PLC programming, design option packages, advanced drive technology and more

Trust: 2.7

sources: NVD: CVE-2016-7960 // JVNDB: JVNDB-2016-005413 // CNVD: CNVD-2016-08769 // BID: 93551 // IVD: b3aaa1fa-b1ac-4a47-a480-7a1b017cadeb // VULHUB: VHN-96780

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: b3aaa1fa-b1ac-4a47-a480-7a1b017cadeb // CNVD: CNVD-2016-08769

AFFECTED PRODUCTS

vendor:	siemens	model:	simatic step 7	scope:	lte	version:	13.010	Trust: 1.0
vendor:	siemens	model:	simatic step 7	scope:	lt	version:	(tia portal ) 14	Trust: 0.8
vendor:	siemens	model:	simatic step	scope:	eq	version:	7<v14	Trust: 0.6
vendor:	siemens	model:	simatic step 7	scope:	eq	version:	13.010	Trust: 0.6
vendor:	siemens	model:	simatic step tia portal	scope:	eq	version:	7v13	Trust: 0.3
vendor:	siemens	model:	simatic step tia portal	scope:	eq	version:	7v12	Trust: 0.3
vendor:	siemens	model:	simatic step tia portal	scope:	ne	version:	7v14	Trust: 0.3
vendor:	simatic step 7	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: b3aaa1fa-b1ac-4a47-a480-7a1b017cadeb // CNVD: CNVD-2016-08769 // BID: 93551 // JVNDB: JVNDB-2016-005413 // CNNVD: CNNVD-201610-424 // NVD: CVE-2016-7960

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-7960
value:	LOW
Trust: 1.0
NVD:	CVE-2016-7960
value:	LOW
Trust: 0.8
CNVD:	CNVD-2016-08769
value:	LOW
Trust: 0.6
CNNVD:	CNNVD-201610-424
value:	LOW
Trust: 0.6
IVD:	b3aaa1fa-b1ac-4a47-a480-7a1b017cadeb
value:	LOW
Trust: 0.2
VULHUB:	VHN-96780
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2016-7960
severity:	LOW
baseScore:	1.9
vectorString:	AV:L/AC:M/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.4
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-08769
severity:	LOW
baseScore:	1.0
vectorString:	AV:L/AC:H/AU:S/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	b3aaa1fa-b1ac-4a47-a480-7a1b017cadeb
severity:	LOW
baseScore:	1.0
vectorString:	AV:L/AC:H/AU:S/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-96780
severity:	LOW
baseScore:	1.9
vectorString:	AV:L/AC:M/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.4
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-7960
baseSeverity:	LOW
baseScore:	2.5
vectorString:	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.0
impactScore:	1.4
version:	3.0
Trust: 1.8

sources: IVD: b3aaa1fa-b1ac-4a47-a480-7a1b017cadeb // CNVD: CNVD-2016-08769 // VULHUB: VHN-96780 // JVNDB: JVNDB-2016-005413 // CNNVD: CNNVD-201610-424 // NVD: CVE-2016-7960

PROBLEMTYPE DATA

problemtype:

CWE-200

Trust: 1.9

sources: VULHUB: VHN-96780 // JVNDB: JVNDB-2016-005413 // NVD: CVE-2016-7960

THREAT TYPE

local

Trust: 0.9

sources: BID: 93551 // CNNVD: CNNVD-201610-424

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201610-424

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005413

PATCH

title:	SSA-869766	url:	http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf	Trust: 0.8
title:	SIEMENS SIMATIC STEP 7 Patch for Information Disclosure Vulnerability (CNVD-2016-08769)	url:	https://www.cnvd.org.cn/patchInfo/show/82255	Trust: 0.6
title:	Siemens SIMATIC STEP 7 Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64800	Trust: 0.6

sources: CNVD: CNVD-2016-08769 // JVNDB: JVNDB-2016-005413 // CNNVD: CNNVD-201610-424

EXTERNAL IDS

db:	NVD	id:	CVE-2016-7960	Trust: 3.6
db:	SIEMENS	id:	SSA-869766	Trust: 2.6
db:	ICS CERT	id:	ICSA-16-287-03	Trust: 2.2
db:	BID	id:	93551	Trust: 1.4
db:	CNNVD	id:	CNNVD-201610-424	Trust: 0.9
db:	CNVD	id:	CNVD-2016-08769	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-005413	Trust: 0.8
db:	IVD	id:	B3AAA1FA-B1AC-4A47-A480-7A1B017CADEB	Trust: 0.2
db:	VULHUB	id:	VHN-96780	Trust: 0.1

sources: IVD: b3aaa1fa-b1ac-4a47-a480-7a1b017cadeb // CNVD: CNVD-2016-08769 // VULHUB: VHN-96780 // BID: 93551 // JVNDB: JVNDB-2016-005413 // CNNVD: CNNVD-201610-424 // NVD: CVE-2016-7960

REFERENCES

url:	http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-869766.pdf	Trust: 2.6
url:	https://ics-cert.us-cert.gov/advisories/icsa-16-287-03	Trust: 2.2
url:	http://www.securityfocus.com/bid/93551	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7960	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7960	Trust: 0.8
url:	http://subscriber.communications.siemens.com/	Trust: 0.3

sources: CNVD: CNVD-2016-08769 // VULHUB: VHN-96780 // BID: 93551 // JVNDB: JVNDB-2016-005413 // CNNVD: CNNVD-201610-424 // NVD: CVE-2016-7960

CREDITS

Dmitry Sklyarov and Gleb Gritsai from Positive Technologies.

Trust: 0.3

sources: BID: 93551

SOURCES

db:	IVD	id:	b3aaa1fa-b1ac-4a47-a480-7a1b017cadeb
db:	CNVD	id:	CNVD-2016-08769
db:	VULHUB	id:	VHN-96780
db:	BID	id:	93551
db:	JVNDB	id:	JVNDB-2016-005413
db:	CNNVD	id:	CNNVD-201610-424
db:	NVD	id:	CVE-2016-7960

LAST UPDATE DATE

2024-11-23T22:01:23.546000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-08769	date:	2016-10-13T00:00:00
db:	VULHUB	id:	VHN-96780	date:	2016-12-22T00:00:00
db:	BID	id:	93551	date:	2016-10-26T02:07:00
db:	JVNDB	id:	JVNDB-2016-005413	date:	2016-10-20T00:00:00
db:	CNNVD	id:	CNNVD-201610-424	date:	2016-10-14T00:00:00
db:	NVD	id:	CVE-2016-7960	date:	2024-11-21T02:58:47.620

SOURCES RELEASE DATE

db:	IVD	id:	b3aaa1fa-b1ac-4a47-a480-7a1b017cadeb	date:	2016-10-13T00:00:00
db:	CNVD	id:	CNVD-2016-08769	date:	2016-10-13T00:00:00
db:	VULHUB	id:	VHN-96780	date:	2016-10-13T00:00:00
db:	BID	id:	93551	date:	2016-10-13T00:00:00
db:	JVNDB	id:	JVNDB-2016-005413	date:	2016-10-20T00:00:00
db:	CNNVD	id:	CNNVD-201610-424	date:	2016-10-14T00:00:00
db:	NVD	id:	CVE-2016-7960	date:	2016-10-13T10:59:01.817