ID

VAR-202212-1314


CVE

CVE-2021-44695


TITLE

Input syntactic validity validation vulnerability in multiple Siemens products

Trust: 0.8

sources: JVNDB: JVNDB-2021-020591

DESCRIPTION

Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. simatic s7-plcsim advanced firmware, SIMATIC S7-1200 CPU 1211C firmware, SIMATIC S7-1200 CPU 1212C Multiple Siemens products, including firmware, contain vulnerabilities related to syntactic validation of input.Service operation interruption (DoS) It may be in a state. SIMATIC Drive Controllers are used for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller including optional visualization functions and central I/O in a compact device. SIMATIC S7-1200 CPU products are designed for discrete and continuous control in industrial environments, such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 CPU products are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industry. SIMATIC S7-1500 Software Controller is the SIMATIC Software Controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtualized environments. SIPLUS extreme products are designed to operate reliably under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. TIM 1531 IRC is a communication module for SIMATIC S7-1500, S7-400, S7-300 and SINAUT ST7, DNP3 and IEC 60870-5-101/104, with three RJ45 interfaces for passing through IP-based networks (WAN/ LAN) and an RS 232/RS 485 interface for communication via a classic WAN network. A denial of service vulnerability exists in Siemens Industrial products. Attackers can exploit this vulnerability to denial of service in the device

Trust: 2.16

sources: NVD: CVE-2021-44695 // JVNDB: JVNDB-2021-020591 // CNVD: CNVD-2022-87982

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-87982

AFFECTED PRODUCTS

vendor:siemensmodel:simatic s7-1500 cpu 1517tf-3scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1217cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513r-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 15prof-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu cpu 1513prof-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic et 200 sp open controller cpu 1515sp pcscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1211cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:siplus s7-300 cpu 317-2 pn\/dpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511f-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1214cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1510spscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515tf-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516-3 pn\/dpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513-1 pnscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515t-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1508s fscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515-2 pnscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517-3 pn\/dpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515f-2 pnscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1214cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:tim 1531 ircscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1214 fcscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1508sscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 151511f-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518f-4scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1215fcscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512cscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516-3 pnscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511t-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516f-3 pn\/dpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 151511c-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:siplus et 200sp cp 1543sp-1 isecscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518tf-4scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512sp-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1212cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-plcsim advancedscope:ltversion:5.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 15pro-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516pro fscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:siplus s7-1200 cp 1243-1 railscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512spf-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516-3 dpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515r-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu cpu 1513pro-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516t-3scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1510sp-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516-3scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511cscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517-3 dpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518hf-4scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516pro-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513f-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:siplus et 200sp cp 1543sp-1 isec tx railscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:siplus et 200sp cp 1542sp-1 irc tx railscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:siplus s7-1200 cp 1243-1scope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1214fcscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1217cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:siplus s7-300 cpu 314scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:siplus s7-300 cpu 315-2 pn\/dpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512c-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1214fcscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511f-1 pnscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511tf-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1215fcscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4 pn\/dp mfpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1212cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511c-1scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1507s fscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513f-1 pnscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1212fcscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4 pn\/dpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517f-3 pn\/dpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1215 fcscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516f-3scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516tf-3scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517-3 pnscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518t-4scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1211cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1215cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4 dpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1215cscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 software controllerscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511-1 pnscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4 pnscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518f-4 pn\/dpscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517-3scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515f-2scope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1507sscope:ltversion:3.0.1

Trust: 1.0

vendor:siemensmodel:siplus tim 1531 ircscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1212fcscope:ltversion:4.6.0

Trust: 1.0

vendor:siemensmodel:siplus s7-300 cpu 315-2 dpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517f-3scope:ltversion:3.0.1

Trust: 1.0

vendor:シーメンスmodel:simatic s7-1200 cpu 1212cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 12 1215fcscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1217cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 12 1211cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1212fcscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 12 1214fcscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1215cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 12 1214cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1215 fcscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 12 1215cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1214fcscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:siplus s7-1200 cp 1243-1 railscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-plcsim advancedscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 12 1212fcscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 12 1217cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1214cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1214 fcscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1211cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 12 1212cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-1200 cpu 1215fcscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-1500 software controllerscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic et 200sp open controller cpu 1515sp pc2scope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic drive controller familyscope:ltversion:v3.0.1

Trust: 0.6

vendor:siemensmodel:simatic s7-1200 cpu familyscope:ltversion:v4.6.0

Trust: 0.6

vendor:siemensmodel:simatic s7-1500 cpu familyscope:ltversion:v3.0.1

Trust: 0.6

vendor:siemensmodel:simatic s7-plcsim advancedscope:ltversion:v5.0

Trust: 0.6

vendor:siemensmodel:siplus tim ircscope:eqversion:1531

Trust: 0.6

vendor:siemensmodel:tim ircscope:eqversion:1531

Trust: 0.6

sources: CNVD: CNVD-2022-87982 // JVNDB: JVNDB-2021-020591 // NVD: CVE-2021-44695

CVSS

SEVERITY

CVSSV2

CVSSV3

productcert@siemens.com: CVE-2021-44695
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2021-44695
value: HIGH

Trust: 1.0

OTHER: JVNDB-2021-020591
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2022-87982
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202212-2987
value: HIGH

Trust: 0.6

CNVD: CNVD-2022-87982
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

productcert@siemens.com: CVE-2021-44695
baseSeverity: MEDIUM
baseScore: 4.9
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 3.6
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2021-44695
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

OTHER: JVNDB-2021-020591
baseSeverity: MEDIUM
baseScore: 4.9
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-87982 // JVNDB: JVNDB-2021-020591 // CNNVD: CNNVD-202212-2987 // NVD: CVE-2021-44695 // NVD: CVE-2021-44695

PROBLEMTYPE DATA

problemtype:CWE-1286

Trust: 1.0

problemtype:CWE-20

Trust: 1.0

problemtype:Improper validation of syntactic correctness of input (CWE-1286) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-020591 // NVD: CVE-2021-44695

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202212-2987

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202212-2987

PATCH

title:Patch for Siemens Industrial Product Denial of Service Vulnerability (CNVD-2022-87982)url:https://www.cnvd.org.cn/patchInfo/show/372486

Trust: 0.6

title:Siemens SIMATIC Drive Controller Enter the fix for the verification error vulnerabilityurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=245496

Trust: 0.6

sources: CNVD: CNVD-2022-87982 // CNNVD: CNNVD-202212-2987

EXTERNAL IDS

db:NVDid:CVE-2021-44695

Trust: 3.8

db:SIEMENSid:SSA-382653

Trust: 3.0

db:ICS CERTid:ICSA-22-349-03

Trust: 1.4

db:JVNid:JVNVU91561630

Trust: 0.8

db:JVNDBid:JVNDB-2021-020591

Trust: 0.8

db:CNVDid:CNVD-2022-87982

Trust: 0.6

db:CNNVDid:CNNVD-202212-2987

Trust: 0.6

sources: CNVD: CNVD-2022-87982 // JVNDB: JVNDB-2021-020591 // CNNVD: CNNVD-202212-2987 // NVD: CVE-2021-44695

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf

Trust: 2.4

url:https://jvn.jp/vu/jvnvu91561630/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-44695

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-03

Trust: 0.8

url:https://cert-portal.siemens.com/productcert/html/ssa-382653.html

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2021-44695/

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-349-03

Trust: 0.6

url:https://vigilance.fr/vulnerability/siemens-simatic-four-vulnerabilities-40092

Trust: 0.6

sources: CNVD: CNVD-2022-87982 // JVNDB: JVNDB-2021-020591 // CNNVD: CNNVD-202212-2987 // NVD: CVE-2021-44695

CREDITS

Gao Jian reported these vulnerabilities to Siemens.

Trust: 0.6

sources: CNNVD: CNNVD-202212-2987

SOURCES

db:CNVDid:CNVD-2022-87982
db:JVNDBid:JVNDB-2021-020591
db:CNNVDid:CNNVD-202212-2987
db:NVDid:CVE-2021-44695

LAST UPDATE DATE

2024-08-14T12:09:38.559000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-87982date:2022-12-16T00:00:00
db:JVNDBid:JVNDB-2021-020591date:2023-11-29T01:29:00
db:CNNVDid:CNNVD-202212-2987date:2023-07-12T00:00:00
db:NVDid:CVE-2021-44695date:2023-09-12T10:15:14.650

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-87982date:2022-12-16T00:00:00
db:JVNDBid:JVNDB-2021-020591date:2023-11-29T00:00:00
db:CNNVDid:CNNVD-202212-2987date:2022-12-13T00:00:00
db:NVDid:CVE-2021-44695date:2022-12-13T16:15:14.907