ID

VAR-202212-1311


CVE

CVE-2021-44693


TITLE

Vulnerability in multiple Siemens products related to improper validation of quantities specified in inputs

Trust: 0.8

sources: JVNDB: JVNDB-2021-020593

DESCRIPTION

Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. simatic s7-plcsim advanced firmware, SIMATIC S7-1200 CPU 1211C firmware, SIMATIC S7-1200 CPU 1212C Multiple Siemens products, including firmware, contain a vulnerability related to improper validation of quantities specified in input.Service operation interruption (DoS) It may be in a state. SIMATIC Drive Controllers are used for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller including optional visualization functions and central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 Software Controller is the SIMATIC Software Controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed to operate reliably under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300 and SINAUT ST7, DNP3 and IEC 60870-5-101/104, with three RJ45 interfaces for passing through IP-based networks (WAN/ LAN) and an RS 232/RS 485 interface for communication via a classic WAN network. A denial of service vulnerability exists in Siemens Industrial products. Attackers can exploit this vulnerability to denial of service in the device

Trust: 2.16

sources: NVD: CVE-2021-44693 // JVNDB: JVNDB-2021-020593 // CNVD: CNVD-2022-87984

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-87984

AFFECTED PRODUCTS

vendor:siemensmodel:simatic s7-1500 cpu 1517tf-3scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1217cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513r-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 15prof-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu cpu 1513prof-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic et 200 sp open controller cpu 1515sp pcscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1211cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:siplus s7-300 cpu 317-2 pn\/dpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511f-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1214cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1510spscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515tf-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516-3 pn\/dpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513-1 pnscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515t-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1508s fscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515-2 pnscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517-3 pn\/dpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515f-2 pnscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1214cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:tim 1531 ircscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1214 fcscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1508sscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 151511f-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518f-4scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1215fcscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512cscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516-3 pnscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511t-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516f-3 pn\/dpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 151511c-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:siplus et 200sp cp 1543sp-1 isecscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518tf-4scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512sp-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1212cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-plcsim advancedscope:ltversion:5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 15pro-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516pro fscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:siplus s7-1200 cp 1243-1 railscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512spf-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516-3 dpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515r-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu cpu 1513pro-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516t-3scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1510sp-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516-3scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511cscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517-3 dpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518hf-4scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516pro-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513f-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:siplus et 200sp cp 1543sp-1 isec tx railscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:siplus et 200sp cp 1542sp-1 irc tx railscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:siplus s7-1200 cp 1243-1scope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1214fcscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1217cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:siplus s7-300 cpu 314scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:siplus s7-300 cpu 315-2 pn\/dpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512c-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1214fcscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511f-1 pnscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511tf-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1215fcscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4 pn\/dp mfpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1212cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511c-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1507s fscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513f-1 pnscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1212fcscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4 pn\/dpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517f-3 pn\/dpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1215 fcscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516f-3scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516tf-3scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517-3 pnscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518t-4scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1211cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1215cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4 dpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1215cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 software controllerscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511-1 pnscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4 pnscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518f-4 pn\/dpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517-3scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515f-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1507sscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:siplus tim 1531 ircscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1212fcscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:siplus s7-300 cpu 315-2 dpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517f-3scope:ltversion:3.0.1

Trust: 1.0

vendor:シーメンスmodel:simatic s7-1200 cpu 1212cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 12 1215fcscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1217cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 12 1211cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1212fcscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 12 1214fcscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1215cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 12 1214cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1215 fcscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 12 1215cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1214fcscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:siplus s7-1200 cp 1243-1 railscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-plcsim advancedscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 12 1212fcscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 12 1217cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1214cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1214 fcscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1211cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 12 1212cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1215fcscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic et 200sp open controller cpu 1515sp pc2scope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic drive controller familyscope:ltversion:v3.0.1

Trust: 0.6

vendor:siemensmodel:simatic s7-1200 cpu familyscope:ltversion:v4.6.0

Trust: 0.6

vendor:siemensmodel:simatic s7-1500 cpu familyscope:ltversion:v3.0.1

Trust: 0.6

vendor:siemensmodel:siplus tim ircscope:eqversion:1531

Trust: 0.6

vendor:siemensmodel:tim ircscope:eqversion:1531

Trust: 0.6

sources: CNVD: CNVD-2022-87984 // JVNDB: JVNDB-2021-020593 // NVD: CVE-2021-44693

CVSS

SEVERITY

CVSSV2

CVSSV3

productcert@siemens.com: CVE-2021-44693
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2021-44693
value: HIGH

Trust: 1.0

OTHER: JVNDB-2021-020593
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2022-87984
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202212-2988
value: HIGH

Trust: 0.6

CNVD: CNVD-2022-87984
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

productcert@siemens.com: CVE-2021-44693
baseSeverity: MEDIUM
baseScore: 4.9
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 3.6
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2021-44693
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

OTHER: JVNDB-2021-020593
baseSeverity: MEDIUM
baseScore: 4.9
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-87984 // JVNDB: JVNDB-2021-020593 // CNNVD: CNNVD-202212-2988 // NVD: CVE-2021-44693 // NVD: CVE-2021-44693

PROBLEMTYPE DATA

problemtype:CWE-1284

Trust: 1.0

problemtype:Improper validation of quantity specified in input (CWE-1284) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-020593 // NVD: CVE-2021-44693

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202212-2988

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202212-2988

PATCH

title:Patch for Siemens Industrial Product Denial of Service Vulnerability (CNVD-2022-87984)url:https://www.cnvd.org.cn/patchInfo/show/372401

Trust: 0.6

title:Siemens SIMATIC Drive Controller Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=245497

Trust: 0.6

sources: CNVD: CNVD-2022-87984 // CNNVD: CNNVD-202212-2988

EXTERNAL IDS

db:NVDid:CVE-2021-44693

Trust: 3.8

db:SIEMENSid:SSA-382653

Trust: 3.0

db:ICS CERTid:ICSA-22-349-03

Trust: 1.4

db:JVNid:JVNVU91561630

Trust: 0.8

db:JVNDBid:JVNDB-2021-020593

Trust: 0.8

db:CNVDid:CNVD-2022-87984

Trust: 0.6

db:CNNVDid:CNNVD-202212-2988

Trust: 0.6

sources: CNVD: CNVD-2022-87984 // JVNDB: JVNDB-2021-020593 // CNNVD: CNNVD-202212-2988 // NVD: CVE-2021-44693

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf

Trust: 2.4

url:https://jvn.jp/vu/jvnvu91561630/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-44693

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-03

Trust: 0.8

url:https://cert-portal.siemens.com/productcert/html/ssa-382653.html

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2021-44693/

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-349-03

Trust: 0.6

url:https://vigilance.fr/vulnerability/siemens-simatic-four-vulnerabilities-40092

Trust: 0.6

sources: CNVD: CNVD-2022-87984 // JVNDB: JVNDB-2021-020593 // CNNVD: CNNVD-202212-2988 // NVD: CVE-2021-44693

CREDITS

Gao Jian reported these vulnerabilities to Siemens.

Trust: 0.6

sources: CNNVD: CNNVD-202212-2988

SOURCES

db:CNVDid:CNVD-2022-87984
db:JVNDBid:JVNDB-2021-020593
db:CNNVDid:CNNVD-202212-2988
db:NVDid:CVE-2021-44693

LAST UPDATE DATE

2024-08-14T12:27:23.319000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-87984date:2022-12-16T00:00:00
db:JVNDBid:JVNDB-2021-020593date:2023-11-29T01:33:00
db:CNNVDid:CNNVD-202212-2988date:2023-07-12T00:00:00
db:NVDid:CVE-2021-44693date:2023-09-12T10:15:11.263

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-87984date:2022-12-16T00:00:00
db:JVNDBid:JVNDB-2021-020593date:2023-11-29T00:00:00
db:CNNVDid:CNNVD-202212-2988date:2022-12-13T00:00:00
db:NVDid:CVE-2021-44693date:2022-12-13T16:15:14.750