ID

VAR-202006-1521


CVE

CVE-2020-7586


TITLE

Out-of-bounds write vulnerabilities in multiple Siemens products

Trust: 0.8

sources: JVNDB: JVNDB-2020-006492

DESCRIPTION

A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information. Multiple Siemens products are vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. A buffer error vulnerability exists in several Siemens products

Trust: 1.71

sources: NVD: CVE-2020-7586 // JVNDB: JVNDB-2020-006492 // VULHUB: VHN-185711

AFFECTED PRODUCTS

vendor:siemensmodel:sinamics starterscope:eqversion:5.4

Trust: 1.0

vendor:siemensmodel:simatic process device managerscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:sinamics starterscope:ltversion:5.4

Trust: 1.0

vendor:siemensmodel:simatic pcs 7scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic step 7scope:eqversion:5.6

Trust: 1.0

vendor:siemensmodel:simatic step 7scope:ltversion:5.6

Trust: 1.0

vendor:siemensmodel:simatic pcs 7scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic process devise managerscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic step 7scope: - version: -

Trust: 0.8

vendor:siemensmodel:sinamics starterscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-006492 // NVD: CVE-2020-7586

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-7586
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-006492
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202006-641
value: HIGH

Trust: 0.6

VULHUB: VHN-185711
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-7586
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-006492
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-185711
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-7586
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-006492
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-185711 // JVNDB: JVNDB-2020-006492 // CNNVD: CNNVD-202006-641 // NVD: CVE-2020-7586

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.9

problemtype:CWE-122

Trust: 1.1

sources: VULHUB: VHN-185711 // JVNDB: JVNDB-2020-006492 // NVD: CVE-2020-7586

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202006-641

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202006-641

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-006492

PATCH

title:SSA-689942url:https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf

Trust: 0.8

title:Multiple Siemens Product Buffer Error Vulnerability Fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121656

Trust: 0.6

sources: JVNDB: JVNDB-2020-006492 // CNNVD: CNNVD-202006-641

EXTERNAL IDS

db:NVDid:CVE-2020-7586

Trust: 2.5

db:ICS CERTid:ICSA-20-161-05

Trust: 2.5

db:SIEMENSid:SSA-689942

Trust: 1.7

db:JVNid:JVNVU97501786

Trust: 0.8

db:JVNDBid:JVNDB-2020-006492

Trust: 0.8

db:CNNVDid:CNNVD-202006-641

Trust: 0.7

db:AUSCERTid:ESB-2020.2015

Trust: 0.6

db:VULHUBid:VHN-185711

Trust: 0.1

sources: VULHUB: VHN-185711 // JVNDB: JVNDB-2020-006492 // CNNVD: CNNVD-202006-641 // NVD: CVE-2020-7586

REFERENCES

url:https://www.us-cert.gov/ics/advisories/icsa-20-161-05

Trust: 3.1

url:https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05

Trust: 2.3

url:https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2020-7586

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7586

Trust: 0.8

url:https://jvn.jp/vu/jvnvu97501786/

Trust: 0.8

url:https://vigilance.fr/vulnerability/simatic-two-vulnerabilities-32490

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.2015/

Trust: 0.6

sources: VULHUB: VHN-185711 // JVNDB: JVNDB-2020-006492 // CNNVD: CNNVD-202006-641 // NVD: CVE-2020-7586

SOURCES

db:VULHUBid:VHN-185711
db:JVNDBid:JVNDB-2020-006492
db:CNNVDid:CNNVD-202006-641
db:NVDid:CVE-2020-7586

LAST UPDATE DATE

2024-08-14T12:57:35.227000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-185711date:2021-04-22T00:00:00
db:JVNDBid:JVNDB-2020-006492date:2020-07-09T00:00:00
db:CNNVDid:CNNVD-202006-641date:2022-03-11T00:00:00
db:NVDid:CVE-2020-7586date:2021-04-22T21:15:09.470

SOURCES RELEASE DATE

db:VULHUBid:VHN-185711date:2020-06-10T00:00:00
db:JVNDBid:JVNDB-2020-006492date:2020-07-09T00:00:00
db:CNNVDid:CNNVD-202006-641date:2020-06-09T00:00:00
db:NVDid:CVE-2020-7586date:2020-06-10T17:15:12.520