ID

VAR-202312-0199


CVE

CVE-2023-49691


TITLE

in multiple Siemens products  OS  Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2023-019858

DESCRIPTION

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.0), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.0), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.0), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.0), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.0), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.0), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.0), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.0), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.0), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.0), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.0), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.0), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.0), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.0), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.0), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.0). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the handling of the DDNS configuration. This could allow malicious local administrators to issue commands on system level after a successful IP address update. 6gk6108-4am00-2ba2 firmware, 6gk6108-4am00-2da2 firmware, 6gk5804-0ap00-2aa2 Several Siemens products, such as firmware, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SCALANCE M-800, MUM-800 and S615 as well as RUGGEDCOM RM1224 are industrial routers. Siemens SCALANCE M-800/S615 series has an operating system command injection vulnerability that allows an attacker to execute commands on the system

Trust: 2.16

sources: NVD: CVE-2023-49691 // JVNDB: JVNDB-2023-019858 // CNVD: CNVD-2023-97258

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2023-97258

AFFECTED PRODUCTS

vendor:siemensmodel:scalance m876-4scope:ltversion:v8.0

Trust: 1.8

vendor:siemensmodel:scalance m812-1 adsl-routerscope:ltversion:v8.0

Trust: 1.2

vendor:siemensmodel:scalance m816-1 adsl-routerscope:ltversion:v8.0

Trust: 1.2

vendor:siemensmodel:scalance m876-3scope:ltversion:v8.0

Trust: 1.2

vendor:siemensmodel:scalance mum856-1scope:ltversion:v8.0

Trust: 1.2

vendor:siemensmodel:6gk5876-3aa02-2ea2scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk6108-4am00-2ba2scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk5856-2ea00-3da1scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk5816-1ba00-2aa2scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk5812-1ba00-2aa2scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk5816-1aa00-2aa2scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk5615-0aa00-2aa2scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk5856-2ea00-3aa1scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk5876-4aa10-2ba2scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk5876-3aa02-2ba2scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk5615-0aa01-2aa2scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk5826-2ab00-2ab2scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk5874-3aa00-2aa2scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk5876-4aa00-2ba2scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk5874-2aa00-2aa2scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk5853-2ea00-2da1scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk5812-1aa00-2aa2scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk5804-0ap00-2aa2scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk5876-4aa00-2da2scope:ltversion:8.0

Trust: 1.0

vendor:siemensmodel:6gk6108-4am00-2da2scope:ltversion:8.0

Trust: 1.0

vendor:シーメンスmodel:6gk5853-2ea00-2da1scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk5812-1aa00-2aa2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk5856-2ea00-3aa1scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk5874-3aa00-2aa2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk5615-0aa00-2aa2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk5816-1ba00-2aa2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk5876-3aa02-2ea2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk5615-0aa01-2aa2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk5874-2aa00-2aa2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk5876-4aa00-2da2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk5876-4aa10-2ba2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk5876-3aa02-2ba2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk5816-1aa00-2aa2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk6108-4am00-2da2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk5804-0ap00-2aa2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk6108-4am00-2ba2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk5812-1ba00-2aa2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk5826-2ab00-2ab2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk5856-2ea00-3da1scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6gk5876-4aa00-2ba2scope: - version: -

Trust: 0.8

vendor:siemensmodel:ruggedcom rm1224 lte euscope:ltversion:v8.0

Trust: 0.6

vendor:siemensmodel:ruggedcom rm1224 lte namscope:ltversion:v8.0

Trust: 0.6

vendor:siemensmodel:scalance m804pbscope:ltversion:v8.0

Trust: 0.6

vendor:siemensmodel:scalance m826-2 shdsl-routerscope:ltversion:v8.0

Trust: 0.6

vendor:siemensmodel:scalance m874-2scope:ltversion:v8.0

Trust: 0.6

vendor:siemensmodel:scalance m874-3scope:ltversion:v8.0

Trust: 0.6

vendor:siemensmodel:scalance mum853-1scope:ltversion:v8.0

Trust: 0.6

vendor:siemensmodel:scalance s615scope:ltversion:v8.0

Trust: 0.6

vendor:siemensmodel:scalance s615 eecscope:ltversion:v8.0

Trust: 0.6

sources: CNVD: CNVD-2023-97258 // JVNDB: JVNDB-2023-019858 // NVD: CVE-2023-49691

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-49691
value: MEDIUM

Trust: 1.0

productcert@siemens.com: CVE-2023-49691
value: HIGH

Trust: 1.0

NVD: CVE-2023-49691
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2023-97258
value: HIGH

Trust: 0.6

CNVD: CNVD-2023-97258
severity: HIGH
baseScore: 8.3
vectorString: AV:N/AC:L/AU:M/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: MULTIPLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.4
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2023-49691
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 5.9
version: 3.1

Trust: 1.0

productcert@siemens.com: CVE-2023-49691
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2023-49691
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2023-97258 // JVNDB: JVNDB-2023-019858 // NVD: CVE-2023-49691 // NVD: CVE-2023-49691

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.0

problemtype:OS Command injection (CWE-78) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-019858 // NVD: CVE-2023-49691

PATCH

title:Patch for Siemens SCALANCE M-800/S615 series operating system command injection vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/500366

Trust: 0.6

sources: CNVD: CNVD-2023-97258

EXTERNAL IDS

db:NVDid:CVE-2023-49691

Trust: 3.2

db:SIEMENSid:SSA-180704

Trust: 2.4

db:SIEMENSid:SSA-602936

Trust: 1.0

db:SIEMENSid:SSA-690517

Trust: 1.0

db:JVNid:JVNVU91198149

Trust: 0.8

db:JVNid:JVNVU93250330

Trust: 0.8

db:JVNid:JVNVU98271228

Trust: 0.8

db:ICS CERTid:ICSA-24-165-12

Trust: 0.8

db:ICS CERTid:ICSA-24-046-09

Trust: 0.8

db:ICS CERTid:ICSA-23-348-14

Trust: 0.8

db:JVNDBid:JVNDB-2023-019858

Trust: 0.8

db:CNVDid:CNVD-2023-97258

Trust: 0.6

sources: CNVD: CNVD-2023-97258 // JVNDB: JVNDB-2023-019858 // NVD: CVE-2023-49691

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf

Trust: 1.8

url:https://cert-portal.siemens.com/productcert/html/ssa-180704.html

Trust: 1.6

url:https://cert-portal.siemens.com/productcert/html/ssa-602936.html

Trust: 1.0

url:https://cert-portal.siemens.com/productcert/html/ssa-690517.html

Trust: 1.0

url:https://jvn.jp/vu/jvnvu98271228/

Trust: 0.8

url:https://jvn.jp/vu/jvnvu91198149/index.html

Trust: 0.8

url:https://jvn.jp/vu/jvnvu93250330/index.html

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-49691

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-14

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-09

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-12

Trust: 0.8

sources: CNVD: CNVD-2023-97258 // JVNDB: JVNDB-2023-019858 // NVD: CVE-2023-49691

SOURCES

db:CNVDid:CNVD-2023-97258
db:JVNDBid:JVNDB-2023-019858
db:NVDid:CVE-2023-49691

LAST UPDATE DATE

2024-08-14T12:46:32.774000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2023-97258date:2023-12-13T00:00:00
db:JVNDBid:JVNDB-2023-019858date:2024-06-17T05:39:00
db:NVDid:CVE-2023-49691date:2024-08-13T08:15:09.340

SOURCES RELEASE DATE

db:CNVDid:CNVD-2023-97258date:2023-12-14T00:00:00
db:JVNDBid:JVNDB-2023-019858date:2024-01-15T00:00:00
db:NVDid:CVE-2023-49691date:2023-12-12T12:15:15.990