Sign-up

ID

VAR-201702-0151


CVE

CVE-2016-8567


TITLE

Siemens SICAM PAS Multiple Security Vulnerabilities

Trust: 0.9

sources: BID: 94549 // CNNVD: CNNVD-201611-665

DESCRIPTION

An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded passwords is present in the SICAM PAS installations. Attackers might gain privileged access to the database over Port 2638/TCP. SICAM PAS is an energy automation solution for substation equipment operation. It has an open communication interface to meet the control requirements of power system control and industrial power supply equipment. There are arbitrary file access vulnerabilities in SIEMENS SICAM PAS. An arbitrary file-access vulnerability. 2. A security-bypass vulnerability. 3. A denial-of-service vulnerability. Attackers can exploit these issues to bypass the authentication mechanism or retrieve or delete arbitrary files, which may aid in further attacks. Failed exploit attempts may result in a denial-of-service condition

Trust: 2.7

sources: NVD: CVE-2016-8567 // JVNDB: JVNDB-2016-007774 // CNVD: CNVD-2016-11764 // BID: 94549 // IVD: 6e3ae9ba-b7cb-42e3-b207-b3f8e5d411d2 // VULHUB: VHN-97387

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 6e3ae9ba-b7cb-42e3-b207-b3f8e5d411d2 // CNVD: CNVD-2016-11764

AFFECTED PRODUCTS

vendor:siemensmodel:sicam pas\/pqsscope:ltversion:8.00

Trust: 1.0

vendor:siemensmodel:sicam passcope:ltversion:8.00

Trust: 0.8

vendor:siemensmodel:sicam passcope:ltversion:8.0

Trust: 0.6

vendor:siemensmodel:sicam passcope:eqversion: -

Trust: 0.6

vendor:siemensmodel:sicam passcope:eqversion:0

Trust: 0.3

vendor:siemensmodel:sicam passcope:neversion:8.00

Trust: 0.3

vendor:sicam pasmodel: - scope:eqversion: -

Trust: 0.2

sources: IVD: 6e3ae9ba-b7cb-42e3-b207-b3f8e5d411d2 // CNVD: CNVD-2016-11764 // BID: 94549 // JVNDB: JVNDB-2016-007774 // CNNVD: CNNVD-201611-665 // NVD: CVE-2016-8567

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-8567
value: CRITICAL

Trust: 1.0

NVD: CVE-2016-8567
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2016-11764
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201611-665
value: HIGH

Trust: 0.6

IVD: 6e3ae9ba-b7cb-42e3-b207-b3f8e5d411d2
value: HIGH

Trust: 0.2

VULHUB: VHN-97387
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2016-8567
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2016-11764
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 6e3ae9ba-b7cb-42e3-b207-b3f8e5d411d2
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-97387
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-8567
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2016-8567
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: 6e3ae9ba-b7cb-42e3-b207-b3f8e5d411d2 // CNVD: CNVD-2016-11764 // VULHUB: VHN-97387 // JVNDB: JVNDB-2016-007774 // CNNVD: CNNVD-201611-665 // NVD: CVE-2016-8567

PROBLEMTYPE DATA

problemtype:CWE-798

Trust: 1.9

sources: VULHUB: VHN-97387 // JVNDB: JVNDB-2016-007774 // NVD: CVE-2016-8567

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201611-665

TYPE

other

Trust: 0.8

sources: IVD: 6e3ae9ba-b7cb-42e3-b207-b3f8e5d411d2 // CNNVD: CNNVD-201611-665

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-007774

PATCH
title:SSA-946325url:http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-946325.pdf
Trust: 0.8
title:SIEMENS SICAM PAS patch for arbitrary file access vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/84811
Trust: 0.6
title:Siemens SICAM PAS Fixes for multiple security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65939
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2016-11764 // 
            
            
            
            JVNDB: JVNDB-2016-007774 // 
            
            
            
            CNNVD: CNNVD-201611-665

EXTERNAL IDS
db:NVDid:CVE-2016-8567
Trust: 3.6
db:ICS CERTid:ICSA-16-336-01
Trust: 2.8
db:BIDid:94549
Trust: 2.6
db:CNNVDid:CNNVD-201611-665
Trust: 0.9
db:SIEMENSid:SSA-946325
Trust: 0.9
db:CNVDid:CNVD-2016-11764
Trust: 0.8
db:JVNDBid:JVNDB-2016-007774
Trust: 0.8
db:IVDid:6E3AE9BA-B7CB-42E3-B207-B3F8E5D411D2
Trust: 0.2
db:VULHUBid:VHN-97387
Trust: 0.1
sources:
            
            
            IVD: 6e3ae9ba-b7cb-42e3-b207-b3f8e5d411d2 // 
            
            
            
            CNVD: CNVD-2016-11764 // 
            
            
            
            VULHUB: VHN-97387 // 
            
            
            
            BID: 94549 // 
            
            
            
            JVNDB: JVNDB-2016-007774 // 
            
            
            
            CNNVD: CNNVD-201611-665 // 
            
            
            
            NVD: CVE-2016-8567

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-16-336-01
Trust: 2.8
url:http://www.securityfocus.com/bid/94549
Trust: 1.7
url:http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-946325.pdf
Trust: 0.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8567
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-8567
Trust: 0.8
url:http://www.siemens.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2016-11764 // 
            
            
            
            VULHUB: VHN-97387 // 
            
            
            
            BID: 94549 // 
            
            
            
            JVNDB: JVNDB-2016-007774 // 
            
            
            
            CNNVD: CNNVD-201611-665 // 
            
            
            
            NVD: CVE-2016-8567

CREDITS
Ilya Karpov and Dmitry Sklyarov, Positive Technologies, Sergey Temnkikov and Vladimir Dashchenko, Critical Infrastructure Defense Team, Kaspersky Lab.
Trust: 0.9
sources:
            
            
            BID: 94549 // 
            
            
            
            CNNVD: CNNVD-201611-665

SOURCES
db:IVDid:6e3ae9ba-b7cb-42e3-b207-b3f8e5d411d2
db:CNVDid:CNVD-2016-11764
db:VULHUBid:VHN-97387
db:BIDid:94549
db:JVNDBid:JVNDB-2016-007774
db:CNNVDid:CNNVD-201611-665
db:NVDid:CVE-2016-8567

LAST UPDATE DATE
2024-11-23T22:26:53.378000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2016-11764date:2016-12-02T00:00:00
db:VULHUBid:VHN-97387date:2017-02-28T00:00:00
db:BIDid:94549date:2016-12-20T03:04:00
db:JVNDBid:JVNDB-2016-007774date:2017-03-16T00:00:00
db:CNNVDid:CNNVD-201611-665date:2016-12-02T00:00:00
db:NVDid:CVE-2016-8567date:2024-11-21T02:59:35.210

SOURCES RELEASE DATE
db:IVDid:6e3ae9ba-b7cb-42e3-b207-b3f8e5d411d2date:2016-12-02T00:00:00
db:CNVDid:CNVD-2016-11764date:2016-12-02T00:00:00
db:VULHUBid:VHN-97387date:2017-02-13T00:00:00
db:BIDid:94549date:2016-11-25T00:00:00
db:JVNDBid:JVNDB-2016-007774date:2017-03-16T00:00:00
db:CNNVDid:CNNVD-201611-665date:2016-11-25T00:00:00
db:NVDid:CVE-2016-8567date:2017-02-13T21:59:01.470