ID

VAR-202312-0234


CVE

CVE-2023-46283


TITLE

Classic buffer overflow vulnerability in multiple Siemens products

Trust: 0.8

sources: JVNDB: JVNDB-2023-019621

DESCRIPTION

A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash. Opcenter Quality , SIMATIC PCS neo , sinumerik integrate runmyhmi /automotive A classic buffer overflow vulnerability exists in several Siemens products.Service operation interruption (DoS) It may be in a state. Opcenter Quality is a quality management system (QMS) that enables organizations to ensure compliance, optimize quality, reduce defect and rework costs, and achieve operational excellence by increasing process stability. SIMATIC PCS neo is a distributed control system (DCS). The SINUMERIK integrated product suite facilitates simple networking of machine tools in IT in production environments. User Management Component (UMC) is an integrated component that enables system-wide centralized maintenance of users

Trust: 2.16

sources: NVD: CVE-2023-46283 // JVNDB: JVNDB-2023-019621 // CNVD: CNVD-2023-97276

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2023-97276

AFFECTED PRODUCTS

vendor:siemensmodel:simatic pcs neoscope:ltversion:4.1

Trust: 1.6

vendor:siemensmodel:totally integrated automation portalscope:ltversion:17

Trust: 1.0

vendor:siemensmodel:totally integrated automation portalscope:ltversion:15

Trust: 1.0

vendor:siemensmodel:totally integrated automation portalscope:ltversion:18

Trust: 1.0

vendor:siemensmodel:totally integrated automation portalscope:eqversion:18

Trust: 1.0

vendor:siemensmodel:totally integrated automation portalscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:totally integrated automation portalscope:gteversion:17

Trust: 1.0

vendor:siemensmodel:totally integrated automation portalscope:gteversion:15

Trust: 1.0

vendor:siemensmodel:opcenter qualityscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:totally integrated automation portalscope:ltversion:16

Trust: 1.0

vendor:siemensmodel:totally integrated automation portalscope:gteversion:16

Trust: 1.0

vendor:siemensmodel:totally integrated automation portalscope:gteversion:14.0

Trust: 1.0

vendor:siemensmodel:sinumerik integrate runmyhmi \/automotivescope:eqversion: -

Trust: 1.0

vendor:シーメンスmodel:simatic pcs neoscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:opcenter qualityscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:totally integrated automation portalscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:sinumerik integrate runmyhmi /automotivescope: - version: -

Trust: 0.8

vendor:siemensmodel:totally integrated automation portalscope:eqversion:v16

Trust: 0.6

vendor:siemensmodel:totally integrated automation portalscope:eqversion:v17

Trust: 0.6

vendor:siemensmodel:totally integrated automation portalscope:eqversion:v14

Trust: 0.6

vendor:siemensmodel:totally integrated automation portalscope:eqversion:v15.1

Trust: 0.6

vendor:siemensmodel:opcenter qualityscope: - version: -

Trust: 0.6

vendor:siemensmodel:sinumerik integrate runmyhmi /automotivescope: - version: -

Trust: 0.6

vendor:siemensmodel:totally integrated automation portal updatescope:eqversion:v18<v183

Trust: 0.6

sources: CNVD: CNVD-2023-97276 // JVNDB: JVNDB-2023-019621 // NVD: CVE-2023-46283

CVSS

SEVERITY

CVSSV2

CVSSV3

productcert@siemens.com: CVE-2023-46283
value: HIGH

Trust: 1.0

OTHER: JVNDB-2023-019621
value: HIGH

Trust: 0.8

CNVD: CNVD-2023-97276
value: HIGH

Trust: 0.6

CNVD: CNVD-2023-97276
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

productcert@siemens.com: CVE-2023-46283
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

OTHER: JVNDB-2023-019621
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2023-97276 // JVNDB: JVNDB-2023-019621 // NVD: CVE-2023-46283

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.0

problemtype:Classic buffer overflow (CWE-120) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-019621 // NVD: CVE-2023-46283

PATCH

title:Patch for Siemens User Management Component (UMC) classic buffer overflow vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/500451

Trust: 0.6

sources: CNVD: CNVD-2023-97276

EXTERNAL IDS

db:NVDid:CVE-2023-46283

Trust: 3.2

db:SIEMENSid:SSA-999588

Trust: 2.4

db:JVNid:JVNVU98271228

Trust: 0.8

db:ICS CERTid:ICSA-23-348-03

Trust: 0.8

db:JVNDBid:JVNDB-2023-019621

Trust: 0.8

db:CNVDid:CNVD-2023-97276

Trust: 0.6

sources: CNVD: CNVD-2023-97276 // JVNDB: JVNDB-2023-019621 // NVD: CVE-2023-46283

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf

Trust: 1.8

url:https://cert-portal.siemens.com/productcert/html/ssa-999588.html

Trust: 1.6

url:https://jvn.jp/vu/jvnvu98271228/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-46283

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-03

Trust: 0.8

sources: CNVD: CNVD-2023-97276 // JVNDB: JVNDB-2023-019621 // NVD: CVE-2023-46283

SOURCES

db:CNVDid:CNVD-2023-97276
db:JVNDBid:JVNDB-2023-019621
db:NVDid:CVE-2023-46283

LAST UPDATE DATE

2024-10-08T21:47:47.005000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2023-97276date:2023-12-13T00:00:00
db:JVNDBid:JVNDB-2023-019621date:2024-01-15T02:22:00
db:NVDid:CVE-2023-46283date:2024-10-08T09:15:09.543

SOURCES RELEASE DATE

db:CNVDid:CNVD-2023-97276date:2023-12-15T00:00:00
db:JVNDBid:JVNDB-2023-019621date:2024-01-15T00:00:00
db:NVDid:CVE-2023-46283date:2023-12-12T12:15:14.067