ID

VAR-202202-0371


CVE

CVE-2021-37185


TITLE

Vulnerabilities in multiple Siemens products

Trust: 0.8

sources: JVNDB: JVNDB-2022-005066

DESCRIPTION

A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.5.0 < V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.9.2 < V2.9.4), SIMATIC S7-1500 Software Controller (All versions >= V21.9 < V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions >= V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packets over port 102/tcp. A restart of the affected device is needed to restore normal operations. Multiple Siemens products contain unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 Software Controller is the SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates the S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO! , SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. The TIM 1531 IRC is a communication module. Several Siemens industrial products have denial-of-service vulnerabilities that attackers can exploit to create denial-of-service conditions in PLCs

Trust: 2.16

sources: NVD: CVE-2021-37185 // JVNDB: JVNDB-2022-005066 // CNVD: CNVD-2022-10004

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-10004

AFFECTED PRODUCTS

vendor:siemensmodel:simatic s7-1500 cpu 1516t-3scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517-3scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515f-2scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517f-3scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518hf-4scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515f-2scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513r-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512c-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic drive controller cpu 1504d tfscope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511f-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1215cscope:gteversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511tf-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512c-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu cpu 1513prof-2scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1510spscope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515t-2scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515tf-2scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1214cscope:ltversion:4.5.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518f-4scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515t-2scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511c-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515tf-2scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516tf-3scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518t-4scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516tf-3scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518t-4scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511t-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516pro fscope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-plcsim advancedscope:ltversion:4.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511t-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512spf-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516pro fscope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1214cscope:gteversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512spf-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516-3scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515r-2scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1510sp-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu cpu 1513pro-2scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517-3scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516t-3scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1510sp-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516-3scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1215fcscope:gteversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1212cscope:gteversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513f-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518hf-4scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515-2scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516pro-2scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513f-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515-2scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1212fcscope:gteversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1510spscope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517tf-3scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1214fcscope:ltversion:4.5.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513r-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516pro-2scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517f-3scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517tf-3scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1217cscope:ltversion:4.5.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu cpu 1513prof-2scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511f-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511tf-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-plcsim advancedscope:eqversion:4.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1211cscope:ltversion:4.5.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1215fcscope:ltversion:4.5.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1212cscope:ltversion:4.5.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1212fcscope:ltversion:4.5.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511c-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516f-3scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 software controllerscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic et 200sp open controller cpu 1515sp pc2scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518f-4scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic drive controller cpu 1507d tfscope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1214fcscope:gteversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu cpu 1513pro-2scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516f-3scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1217cscope:gteversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518tf-4scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512sp-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1211cscope:gteversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1215cscope:ltversion:4.5.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518tf-4scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512sp-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:tim 1531 ircscope:gteversion:2.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515r-2scope:gteversion:2.9.2

Trust: 1.0

vendor:シーメンスmodel:simatic et 200sp open controller cpu 1515sp pc2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1500 software controllerscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:s7 1200 cpu 1214fcscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic drive controller cpu 1504d tfscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1211cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:s7 1200 cpu 1212fcscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic drive controller cpu 1507d tfscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:tim 1531 ircscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1212cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-plcsim advancedscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-1500 software controllerscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic s7-plcsim advancedscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic et 200sp open controller cpu 1515sp pc2scope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic drive controller familyscope:ltversion:v2.9.4

Trust: 0.6

vendor:siemensmodel:simatic s7-1200 cpu familyscope:gteversion:v4.5.0<v4.5.2

Trust: 0.6

vendor:siemensmodel:tim ircscope:eqversion:1531>=v2.2

Trust: 0.6

sources: CNVD: CNVD-2022-10004 // JVNDB: JVNDB-2022-005066 // NVD: CVE-2021-37185

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-37185
value: HIGH

Trust: 1.0

productcert@siemens.com: CVE-2021-37185
value: HIGH

Trust: 1.0

NVD: CVE-2021-37185
value: HIGH

Trust: 0.8

CNVD: CNVD-2022-10004
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202202-551
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2021-37185
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2022-10004
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2021-37185
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

OTHER: JVNDB-2022-005066
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-10004 // JVNDB: JVNDB-2022-005066 // CNNVD: CNNVD-202202-551 // NVD: CVE-2021-37185 // NVD: CVE-2021-37185

PROBLEMTYPE DATA

problemtype:CWE-672

Trust: 1.0

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-005066 // NVD: CVE-2021-37185

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202202-551

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202202-551

PATCH

title:SSA-838121url:https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf

Trust: 0.8

title:Patch for Denial of Service Vulnerabilities in Multiple Siemens Industrial Productsurl:https://www.cnvd.org.cn/patchInfo/show/318426

Trust: 0.6

title:Siemens SIMATIC S7-1500 CPU and SIMATIC S7-1500 Enter the fix for the verification error vulnerabilityurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=181690

Trust: 0.6

sources: CNVD: CNVD-2022-10004 // JVNDB: JVNDB-2022-005066 // CNNVD: CNNVD-202202-551

EXTERNAL IDS

db:NVDid:CVE-2021-37185

Trust: 3.8

db:SIEMENSid:SSA-838121

Trust: 2.2

db:ICS CERTid:ICSA-22-041-01

Trust: 1.4

db:JVNid:JVNVU98748974

Trust: 0.8

db:JVNDBid:JVNDB-2022-005066

Trust: 0.8

db:CNVDid:CNVD-2022-10004

Trust: 0.6

db:CS-HELPid:SB2022021105

Trust: 0.6

db:AUSCERTid:ESB-2022.0605

Trust: 0.6

db:CNNVDid:CNNVD-202202-551

Trust: 0.6

sources: CNVD: CNVD-2022-10004 // JVNDB: JVNDB-2022-005066 // CNNVD: CNNVD-202202-551 // NVD: CVE-2021-37185

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf

Trust: 2.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-37185

Trust: 1.4

url:https://jvn.jp/vu/jvnvu98748974/index.html

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-01

Trust: 0.8

url:https://vigilance.fr/vulnerability/simatic-denial-of-service-via-prepared-packets-37484

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0605

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022021105

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-041-01

Trust: 0.6

sources: CNVD: CNVD-2022-10004 // JVNDB: JVNDB-2022-005066 // CNNVD: CNNVD-202202-551 // NVD: CVE-2021-37185

CREDITS

Gao Jian assisted the coordinated disclosure of these vulnerabilities with Siemens.

Trust: 0.6

sources: CNNVD: CNNVD-202202-551

SOURCES

db:CNVDid:CNVD-2022-10004
db:JVNDBid:JVNDB-2022-005066
db:CNNVDid:CNNVD-202202-551
db:NVDid:CVE-2021-37185

LAST UPDATE DATE

2024-08-14T13:01:52.807000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-10004date:2022-02-14T00:00:00
db:JVNDBid:JVNDB-2022-005066date:2023-05-16T08:28:00
db:CNNVDid:CNNVD-202202-551date:2023-04-12T00:00:00
db:NVDid:CVE-2021-37185date:2023-04-11T10:15:09.550

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-10004date:2022-02-14T00:00:00
db:JVNDBid:JVNDB-2022-005066date:2023-05-16T00:00:00
db:CNNVDid:CNNVD-202202-551date:2022-02-08T00:00:00
db:NVDid:CVE-2021-37185date:2022-02-09T16:15:12.823