Sign-up

ID

VAR-202109-0743


CVE

CVE-2021-31891


TITLE

in multiple Siemens products  OS  Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2021-012333

DESCRIPTION

A vulnerability has been identified in Desigo CC (All versions with OIS Extension Module), GMA-Manager (All versions with OIS running on Debian 9 or earlier), Operation Scheduler (All versions with OIS running on Debian 9 or earlier), Siveillance Control (All versions with OIS running on Debian 9 or earlier), Siveillance Control Pro (All versions). The affected application incorrectly neutralizes special elements in a specific HTTP GET request which could lead to command injection. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the system with root privileges. Several Siemens products include OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Siemens Desigo CC is an open building management platform from Siemens (Siemens) in Germany. GMA Manager allows the functional combination of different safety and security systems, such as fire detection systems and video surveillance, on a common platform. Operation Scheduler is a tool that enables security operators to intelligently perform routine tasks. Siveillance Control is a Physical Security Information Management System (PSIM). Siveillance Control Pro is a command and control solution. Siveillance Open Interface Services (OIS) is an interface and integration platform for integrating subsystems into management stations. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Trust: 2.79

sources: NVD: CVE-2021-31891 // JVNDB: JVNDB-2021-012333 // CNVD: CNVD-2021-71442 // CNNVD: CNNVD-202104-975 // VULMON: CVE-2021-31891

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-71442

AFFECTED PRODUCTS

vendor:siemensmodel:gma-managerscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:desigo ccscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:siveillance controlscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:siveillance control proscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:operation schedulerscope:eqversion:*

Trust: 1.0

vendor:シーメンスmodel:siveillance controlscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:siveillance control proscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:desigo ccscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:operation schedulerscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:gma-managerscope: - version: -

Trust: 0.8

vendor:siemensmodel:desigo ccscope: - version: -

Trust: 0.6

vendor:siemensmodel:gma-managerscope: - version: -

Trust: 0.6

vendor:siemensmodel:operation schedulerscope: - version: -

Trust: 0.6

vendor:siemensmodel:siveillance controlscope: - version: -

Trust: 0.6

vendor:siemensmodel:siveillance control proscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2021-71442 // JVNDB: JVNDB-2021-012333 // NVD: CVE-2021-31891

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-31891
value: CRITICAL

Trust: 1.0

NVD: CVE-2021-31891
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2021-71442
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202109-931
value: CRITICAL

Trust: 0.6

VULMON: CVE-2021-31891
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-31891
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2021-71442
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2021-31891
baseSeverity: CRITICAL
baseScore: 10.0
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 6.0
version: 3.1

Trust: 1.0

NVD: CVE-2021-31891
baseSeverity: CRITICAL
baseScore: 10.0
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2021-71442 // VULMON: CVE-2021-31891 // JVNDB: JVNDB-2021-012333 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-931 // NVD: CVE-2021-31891

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.0

problemtype:OS Command injection (CWE-78) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-012333 // NVD: CVE-2021-31891

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202109-931

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:SSA-535380url:https://cert-portal.siemens.com/productcert/pdf/ssa-535380.pdf

Trust: 0.8

title:Patch for Siemens Siveillance OIS Operating System Command Injection Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/291001

Trust: 0.6

title:Siemens Desigo CC Fixes for operating system command injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=162466

Trust: 0.6

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=272f30a8fc81104e9158fca291f370ba

Trust: 0.1

sources: CNVD: CNVD-2021-71442 // VULMON: CVE-2021-31891 // JVNDB: JVNDB-2021-012333 // CNNVD: CNNVD-202109-931

EXTERNAL IDS

db:NVDid:CVE-2021-31891

Trust: 3.9

db:SIEMENSid:SSA-535380

Trust: 2.3

db:ICS CERTid:ICSA-21-257-18

Trust: 1.4

db:JVNid:JVNVU96712416

Trust: 0.8

db:JVNDBid:JVNDB-2021-012333

Trust: 0.8

db:CNVDid:CNVD-2021-71442

Trust: 0.6

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:CS-HELPid:SB2021091605

Trust: 0.6

db:CNNVDid:CNNVD-202109-931

Trust: 0.6

db:VULMONid:CVE-2021-31891

Trust: 0.1

sources: CNVD: CNVD-2021-71442 // VULMON: CVE-2021-31891 // JVNDB: JVNDB-2021-012333 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-931 // NVD: CVE-2021-31891

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-535380.pdf

Trust: 2.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-31891

Trust: 1.4

url:https://jvn.jp/vu/jvnvu96712416/

Trust: 0.8

url:https://www.cisa.gov/uscert/ics/advisories/icsa-21-257-18

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021091605

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-257-18

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/78.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://cert-portal.siemens.com/productcert/txt/ssa-535380.txt

Trust: 0.1

sources: CNVD: CNVD-2021-71442 // VULMON: CVE-2021-31891 // JVNDB: JVNDB-2021-012333 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202109-931 // NVD: CVE-2021-31891

CREDITS

Siemens reported this vulnerability to CISA.

Trust: 0.6

sources: CNNVD: CNNVD-202109-931

SOURCES

db:CNVDid:CNVD-2021-71442
db:VULMONid:CVE-2021-31891
db:JVNDBid:JVNDB-2021-012333
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202109-931
db:NVDid:CVE-2021-31891

LAST UPDATE DATE

2024-08-14T12:34:58.539000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-71442date:2022-01-18T00:00:00
db:VULMONid:CVE-2021-31891date:2021-09-28T00:00:00
db:JVNDBid:JVNDB-2021-012333date:2022-08-30T02:02:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202109-931date:2022-07-01T00:00:00
db:NVDid:CVE-2021-31891date:2021-09-28T16:48:53.480

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-71442date:2021-09-16T00:00:00
db:VULMONid:CVE-2021-31891date:2021-09-14T00:00:00
db:JVNDBid:JVNDB-2021-012333date:2022-08-30T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202109-931date:2021-09-14T00:00:00
db:NVDid:CVE-2021-31891date:2021-09-14T11:15:24.023