Details of VAR-202108-1558

ID

VAR-202108-1558

CVE

CVE-2021-37172

TITLE

SIMATIC S7-1200 CPU Authentication vulnerabilities in the family

Trust: 0.8

sources: JVNDB: JVNDB-2021-010546

DESCRIPTION

A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (V4.5.0). Affected devices fail to authenticate against configured passwords when provisioned using TIA Portal V13. This could allow an attacker using TIA Portal V13 or later versions to bypass authentication and download arbitrary programs to the PLC. The vulnerability does not occur when TIA Portal V13 SP1 or any later version was used to provision the device. Siemens SIMATIC S7-1200 is a S7-1200 series PLC (Programmable Logic Controller) of Siemens (Siemens) in Germany. The Siemens SIMATIC S7-1200 has a security problem vulnerability, which is caused by the device's inability to perform authentication based on the configured password. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Trust: 2.79

sources: NVD: CVE-2021-37172 // JVNDB: JVNDB-2021-010546 // CNVD: CNVD-2021-61123 // CNNVD: CNNVD-202104-975 // VULMON: CVE-2021-37172

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-61123

AFFECTED PRODUCTS

vendor:	siemens	model:	simatic step 7 \	scope:	lte	version:	13.0	Trust: 1.0
vendor:	siemens	model:	simatic s7-1200 cpu	scope:	eq	version:	4.5.0	Trust: 1.0
vendor:	シーメンス	model:	simatic s7-1200	scope:	eq	version:	simatic s7-1200 firmware 4.5.0	Trust: 0.8
vendor:	シーメンス	model:	simatic s7-1200	scope:	eq	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic s7-1200 cpu family	scope:	eq	version:	v4.5.0	Trust: 0.6

sources: CNVD: CNVD-2021-61123 // JVNDB: JVNDB-2021-010546 // NVD: CVE-2021-37172

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-37172
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-37172
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2021-61123
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202108-878
value:	HIGH
Trust: 0.6
VULMON:	CVE-2021-37172
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-37172
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2021-61123
severity:	HIGH
baseScore:	7.6
vectorString:	AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2021-37172
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2021-37172
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2021-61123 // VULMON: CVE-2021-37172 // JVNDB: JVNDB-2021-010546 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202108-878 // NVD: CVE-2021-37172

PROBLEMTYPE DATA

problemtype:	CWE-287	Trust: 1.0
problemtype:	Inappropriate authentication (CWE-287) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-010546 // NVD: CVE-2021-37172

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202108-878

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:	SSA-830194	url:	https://cert-portal.siemens.com/productcert/pdf/ssa-830194.pdf	Trust: 0.8
title:	Patch for Siemens SIMATIC S7-1200 lacks authentication vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/285451	Trust: 0.6
title:	SIMATIC S7-1200 Remediation measures for authorization problem vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=159273	Trust: 0.6
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=6c9753e17464aee8784a2c1632b07e8f	Trust: 0.1

sources: CNVD: CNVD-2021-61123 // VULMON: CVE-2021-37172 // JVNDB: JVNDB-2021-010546 // CNNVD: CNNVD-202108-878

EXTERNAL IDS

db:	NVD	id:	CVE-2021-37172	Trust: 3.9
db:	SIEMENS	id:	SSA-830194	Trust: 2.3
db:	ICS CERT	id:	ICSA-21-222-09	Trust: 1.4
db:	JVN	id:	JVNVU99791395	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-010546	Trust: 0.8
db:	CNVD	id:	CNVD-2021-61123	Trust: 0.6
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	CS-HELP	id:	SB2021081103	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2715	Trust: 0.6
db:	CNNVD	id:	CNNVD-202108-878	Trust: 0.6
db:	VULMON	id:	CVE-2021-37172	Trust: 0.1

sources: CNVD: CNVD-2021-61123 // VULMON: CVE-2021-37172 // JVNDB: JVNDB-2021-010546 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202108-878 // NVD: CVE-2021-37172

REFERENCES

url:	https://cert-portal.siemens.com/productcert/pdf/ssa-830194.pdf	Trust: 2.3
url:	https://jvn.jp/vu/jvnvu99791395/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-37172	Trust: 0.8
url:	https://www.cisa.gov/uscert/ics/advisories/icsa-21-222-09	Trust: 0.8
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/isca-21-222-09	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/icsa-21-222-09	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021081103	Trust: 0.6
url:	https://vigilance.fr/vulnerability/simatic-s7-1200-privilege-escalation-via-tia-portal-36090	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2715	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/287.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://cert-portal.siemens.com/productcert/txt/ssa-830194.txt	Trust: 0.1

sources: CNVD: CNVD-2021-61123 // VULMON: CVE-2021-37172 // JVNDB: JVNDB-2021-010546 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202108-878 // NVD: CVE-2021-37172

CREDITS

Jian Gao reported this vulnerability to Siemens.

Trust: 0.6

sources: CNNVD: CNNVD-202108-878

SOURCES

db:	CNVD	id:	CNVD-2021-61123
db:	VULMON	id:	CVE-2021-37172
db:	JVNDB	id:	JVNDB-2021-010546
db:	CNNVD	id:	CNNVD-202104-975
db:	CNNVD	id:	CNNVD-202108-878
db:	NVD	id:	CVE-2021-37172

LAST UPDATE DATE

2024-08-14T12:56:09.180000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2021-61123	date:	2022-01-18T00:00:00
db:	VULMON	id:	CVE-2021-37172	date:	2021-09-14T00:00:00
db:	JVNDB	id:	JVNDB-2021-010546	date:	2022-07-05T01:03:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	CNNVD	id:	CNNVD-202108-878	date:	2021-09-15T00:00:00
db:	NVD	id:	CVE-2021-37172	date:	2022-07-01T17:44:35.163

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2021-61123	date:	2021-08-11T00:00:00
db:	VULMON	id:	CVE-2021-37172	date:	2021-08-10T00:00:00
db:	JVNDB	id:	JVNDB-2021-010546	date:	2022-07-05T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	CNNVD	id:	CNNVD-202108-878	date:	2021-08-10T00:00:00
db:	NVD	id:	CVE-2021-37172	date:	2021-08-10T11:15:09.280