ID

VAR-202111-0483


CVE

CVE-2021-40359


TITLE

Path traversal vulnerability in multiple Siemens products

Trust: 0.8

sources: JVNDB: JVNDB-2021-014829

DESCRIPTION

A vulnerability has been identified in OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd4), OpenPCS 7 V9.1 (All versions), SIMATIC BATCH V8.2 (All versions), SIMATIC BATCH V9.0 (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 6), SIMATIC NET PC Software V17 (All versions < V17 SP1), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). When downloading files, the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read unexpected critical files. Multiple Siemens products contain a path traversal vulnerability.Information may be obtained. When..

Trust: 1.71

sources: NVD: CVE-2021-40359 // JVNDB: JVNDB-2021-014829 // VULHUB: VHN-401716

AFFECTED PRODUCTS

vendor:siemensmodel:simaticpcs 7scope:gteversion:9.0

Trust: 1.0

vendor:siemensmodel:simatic batchscope:eqversion:9.0

Trust: 1.0

vendor:siemensmodel:simatic batchscope:eqversion:8.2

Trust: 1.0

vendor:siemensmodel:simaticpcs 7scope:lteversion:8.2

Trust: 1.0

vendor:siemensmodel:simatic route controlscope:eqversion:9.1

Trust: 1.0

vendor:siemensmodel:simatic winccscope:lteversion:7.4

Trust: 1.0

vendor:siemensmodel:simaticpcs 7scope:ltversion:9.1

Trust: 1.0

vendor:siemensmodel:simatic net pcscope:eqversion:16

Trust: 1.0

vendor:siemensmodel:simatic winccscope:eqversion:7.5

Trust: 1.0

vendor:siemensmodel:simatic net pcscope:eqversion:15

Trust: 1.0

vendor:siemensmodel:simatic batchscope:eqversion:9.1

Trust: 1.0

vendor:siemensmodel:simatic net pcscope:eqversion:17

Trust: 1.0

vendor:siemensmodel:simatic route controlscope:eqversion:9.0

Trust: 1.0

vendor:siemensmodel:simatic route controlscope:eqversion:8.2

Trust: 1.0

vendor:siemensmodel:simatic winccscope:eqversion:16

Trust: 1.0

vendor:siemensmodel:simaticpcs 7scope:eqversion:9.1

Trust: 1.0

vendor:siemensmodel:simatic winccscope:eqversion:15

Trust: 1.0

vendor:siemensmodel:simatic net pcscope:eqversion:14

Trust: 1.0

vendor:siemensmodel:simatic winccscope:eqversion:17

Trust: 1.0

vendor:シーメンスmodel:simatic net pc ソフトウェアscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic route controlscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic winccscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic pcs 7scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic batchscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-014829 // NVD: CVE-2021-40359

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-40359
value: HIGH

Trust: 1.0

productcert@siemens.com: CVE-2021-40359
value: HIGH

Trust: 1.0

NVD: CVE-2021-40359
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202111-778
value: HIGH

Trust: 0.6

VULHUB: VHN-401716
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-40359
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-401716
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-40359
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

productcert@siemens.com: CVE-2021-40359
baseSeverity: HIGH
baseScore: 7.7
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.1
impactScore: 4.0
version: 3.1

Trust: 1.0

NVD: CVE-2021-40359
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-401716 // JVNDB: JVNDB-2021-014829 // CNNVD: CNNVD-202111-778 // NVD: CVE-2021-40359 // NVD: CVE-2021-40359

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.1

problemtype:Path traversal (CWE-22) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-401716 // JVNDB: JVNDB-2021-014829 // NVD: CVE-2021-40359

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202111-778

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202111-778

PATCH

title:SSA-840188url:https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf

Trust: 0.8

title:Siemens SIMATIC PCS 7 and SIMATIC WinCC Repair measures for path traversal vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=169660

Trust: 0.6

sources: JVNDB: JVNDB-2021-014829 // CNNVD: CNNVD-202111-778

EXTERNAL IDS

db:NVDid:CVE-2021-40359

Trust: 3.3

db:SIEMENSid:SSA-840188

Trust: 1.7

db:ICS CERTid:ICSA-21-315-03

Trust: 1.4

db:JVNid:JVNVU95671889

Trust: 0.8

db:JVNDBid:JVNDB-2021-014829

Trust: 0.8

db:AUSCERTid:ESB-2021.3874

Trust: 0.6

db:CNNVDid:CNNVD-202111-778

Trust: 0.6

db:VULHUBid:VHN-401716

Trust: 0.1

sources: VULHUB: VHN-401716 // JVNDB: JVNDB-2021-014829 // CNNVD: CNNVD-202111-778 // NVD: CVE-2021-40359

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf

Trust: 1.7

url:http://jvn.jp/vu/jvnvu95671889/index.html

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-40359

Trust: 0.8

url:https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-03

Trust: 0.8

url:https://vigilance.fr/vulnerability/simatic-multiple-vulnerabilities-via-wincc-36835

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3874

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-315-03

Trust: 0.6

sources: VULHUB: VHN-401716 // JVNDB: JVNDB-2021-014829 // CNNVD: CNNVD-202111-778 // NVD: CVE-2021-40359

CREDITS

Thomas Riedmaier from Siemens Energy reported these vulnerabilities to Siemens.

Trust: 0.6

sources: CNNVD: CNNVD-202111-778

SOURCES

db:VULHUBid:VHN-401716
db:JVNDBid:JVNDB-2021-014829
db:CNNVDid:CNNVD-202111-778
db:NVDid:CVE-2021-40359

LAST UPDATE DATE

2024-08-14T12:16:47.446000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-401716date:2022-07-12T00:00:00
db:JVNDBid:JVNDB-2021-014829date:2022-10-28T06:55:00
db:CNNVDid:CNNVD-202111-778date:2023-04-12T00:00:00
db:NVDid:CVE-2021-40359date:2023-04-11T10:15:10.710

SOURCES RELEASE DATE

db:VULHUBid:VHN-401716date:2021-11-09T00:00:00
db:JVNDBid:JVNDB-2021-014829date:2022-10-28T00:00:00
db:CNNVDid:CNNVD-202111-778date:2021-11-09T00:00:00
db:NVDid:CVE-2021-40359date:2021-11-09T12:15:09.987