ID

VAR-202202-0372


CVE

CVE-2021-37204


TITLE

Vulnerabilities in multiple Siemens products

Trust: 0.8

sources: JVNDB: JVNDB-2022-005068

DESCRIPTION

A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 Ready4Linux (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.5.0 < V4.5.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.9.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.9.2 < V2.9.4), SIMATIC S7-1500 Software Controller (All versions < V21.9), SIMATIC S7-1500 Software Controller (All versions >= V21.9 < V21.9.4), SIMATIC S7-PLCSIM Advanced (All versions < V4.0), SIMATIC S7-PLCSIM Advanced (All versions >= V4.0 < V4.0 SP1), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). An unauthenticated attacker could cause a denial-of-service condition in a PLC when sending specially prepared packet over port 102/tcp. A restart of the affected device is needed to restore normal operations. Multiple Siemens products contain unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. The SIMATIC S7-1200 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 CPU family products are designed for discrete and continuous control in industrial environments such as the global manufacturing, food and beverage, and chemical industries. The SIMATIC S7-1500 Software Controller is the SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates the S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO! , SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. The TIM 1531 IRC is a communication module. Several Siemens industrial products have denial-of-service vulnerabilities that attackers can exploit to create denial-of-service conditions in PLCs

Trust: 2.16

sources: NVD: CVE-2021-37204 // JVNDB: JVNDB-2022-005068 // CNVD: CNVD-2022-10003

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-10003

AFFECTED PRODUCTS

vendor:siemensmodel:simatic s7-1500 cpu 1516t-3scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517-3scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515f-2scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517f-3scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518hf-4scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515f-2scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513r-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512c-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic drive controller cpu 1504d tfscope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511f-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1215cscope:gteversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511tf-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512c-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu cpu 1513prof-2scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1510spscope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515t-2scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515tf-2scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1214cscope:ltversion:4.5.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518f-4scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515t-2scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511c-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515tf-2scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516tf-3scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518t-4scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516tf-3scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518t-4scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511t-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516pro fscope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-plcsim advancedscope:ltversion:4.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511t-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512spf-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516pro fscope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1214cscope:gteversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512spf-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516-3scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515r-2scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1510sp-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu cpu 1513pro-2scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517-3scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516t-3scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1510sp-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516-3scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1215fcscope:gteversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1212cscope:gteversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513f-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518hf-4scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515-2scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516pro-2scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513f-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515-2scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1212fcscope:gteversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1510spscope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517tf-3scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1214fcscope:ltversion:4.5.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513r-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516pro-2scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517f-3scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517tf-3scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1217cscope:ltversion:4.5.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu cpu 1513prof-2scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511f-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511tf-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-plcsim advancedscope:eqversion:4.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1211cscope:ltversion:4.5.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1215fcscope:ltversion:4.5.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1212cscope:ltversion:4.5.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1212fcscope:ltversion:4.5.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511c-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516f-3scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 software controllerscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic et 200sp open controller cpu 1515sp pc2scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518f-4scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic drive controller cpu 1507d tfscope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1214fcscope:gteversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu cpu 1513pro-2scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516f-3scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1217cscope:gteversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518tf-4scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512sp-1scope:gteversion:2.9.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1211cscope:gteversion:4.5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1215cscope:ltversion:4.5.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518tf-4scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512sp-1scope:ltversion:2.9.4

Trust: 1.0

vendor:siemensmodel:tim 1531 ircscope:gteversion:2.2

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515r-2scope:gteversion:2.9.2

Trust: 1.0

vendor:シーメンスmodel:simatic et 200sp open controller cpu 1515sp pc2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1500 software controllerscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:s7 1200 cpu 1214fcscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic drive controller cpu 1504d tfscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1211cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:s7 1200 cpu 1212fcscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic drive controller cpu 1507d tfscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:tim 1531 ircscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1212cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-plcsim advancedscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-1500 software controllerscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic et 200sp open controller cpu 1515sp pc2scope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic s7-1500 cpu familyscope:gtversion:v2.5,<v2.9.2

Trust: 0.6

vendor:siemensmodel:simatic drive controller familyscope:ltversion:v2.9.4

Trust: 0.6

vendor:siemensmodel:simatic s7-1200 cpu familyscope:gteversion:v4.5.0<v4.5.2

Trust: 0.6

vendor:siemensmodel:tim ircscope:eqversion:1531>=v2.2

Trust: 0.6

sources: CNVD: CNVD-2022-10003 // JVNDB: JVNDB-2022-005068 // NVD: CVE-2021-37204

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-37204
value: HIGH

Trust: 1.0

productcert@siemens.com: CVE-2021-37204
value: HIGH

Trust: 1.0

NVD: CVE-2021-37204
value: HIGH

Trust: 0.8

CNVD: CNVD-2022-10003
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202202-568
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2021-37204
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2022-10003
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2021-37204
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

OTHER: JVNDB-2022-005068
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-10003 // JVNDB: JVNDB-2022-005068 // CNNVD: CNNVD-202202-568 // NVD: CVE-2021-37204 // NVD: CVE-2021-37204

PROBLEMTYPE DATA

problemtype:CWE-672

Trust: 1.0

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-005068 // NVD: CVE-2021-37204

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202202-568

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202202-568

PATCH

title:SSA-838121url:https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf

Trust: 0.8

title:Patch for Multiple Siemens Industrial Products Denial of Service Vulnerabilities (CNVD-2022-10003)url:https://www.cnvd.org.cn/patchInfo/show/318446

Trust: 0.6

title:SIMATIC S7-1500 CPU Enter the fix for the verification error vulnerabilityurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=185271

Trust: 0.6

sources: CNVD: CNVD-2022-10003 // JVNDB: JVNDB-2022-005068 // CNNVD: CNNVD-202202-568

EXTERNAL IDS

db:NVDid:CVE-2021-37204

Trust: 3.8

db:SIEMENSid:SSA-838121

Trust: 2.2

db:ICS CERTid:ICSA-22-041-01

Trust: 1.4

db:JVNid:JVNVU98748974

Trust: 0.8

db:JVNDBid:JVNDB-2022-005068

Trust: 0.8

db:CNVDid:CNVD-2022-10003

Trust: 0.6

db:CS-HELPid:SB2022021105

Trust: 0.6

db:AUSCERTid:ESB-2022.0605

Trust: 0.6

db:CNNVDid:CNNVD-202202-568

Trust: 0.6

sources: CNVD: CNVD-2022-10003 // JVNDB: JVNDB-2022-005068 // CNNVD: CNNVD-202202-568 // NVD: CVE-2021-37204

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf

Trust: 2.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-37204

Trust: 1.4

url:https://jvn.jp/vu/jvnvu98748974/index.html

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-01

Trust: 0.8

url:https://vigilance.fr/vulnerability/simatic-denial-of-service-via-prepared-packets-37484

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0605

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022021105

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-041-01

Trust: 0.6

sources: CNVD: CNVD-2022-10003 // JVNDB: JVNDB-2022-005068 // CNNVD: CNNVD-202202-568 // NVD: CVE-2021-37204

CREDITS

Gao Jian assisted the coordinated disclosure of these vulnerabilities with Siemens.

Trust: 0.6

sources: CNNVD: CNNVD-202202-568

SOURCES

db:CNVDid:CNVD-2022-10003
db:JVNDBid:JVNDB-2022-005068
db:CNNVDid:CNNVD-202202-568
db:NVDid:CVE-2021-37204

LAST UPDATE DATE

2024-08-14T12:47:36.679000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-10003date:2022-02-14T00:00:00
db:JVNDBid:JVNDB-2022-005068date:2023-05-16T08:41:00
db:CNNVDid:CNNVD-202202-568date:2023-04-12T00:00:00
db:NVDid:CVE-2021-37204date:2023-04-11T10:15:09.827

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-10003date:2022-02-14T00:00:00
db:JVNDBid:JVNDB-2022-005068date:2023-05-16T00:00:00
db:CNNVDid:CNNVD-202202-568date:2022-02-08T00:00:00
db:NVDid:CVE-2021-37204date:2022-02-09T16:15:13.333