ID

VAR-202406-0059


CVE

CVE-2024-35292


TITLE

Siemens S7-200 SMART series uses insecure random values ​​vulnerability

Trust: 0.6

sources: CNVD: CNVD-2024-26691

DESCRIPTION

A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA1) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA1) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA0) (All versions), SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA1) (All versions). Affected devices are using a predictable IP ID sequence number. This leaves the system susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack and eventually could allow an attacker to create a denial of service condition. The S7-200 SMART series is a series of micro programmable logic controllers that can control a variety of small automation applications. The Siemens S7-200 SMART series has an unsafe random value vulnerability that can be exploited by attackers to create a denial of service condition

Trust: 1.44

sources: NVD: CVE-2024-35292 // CNVD: CNVD-2024-26691

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2024-26691

AFFECTED PRODUCTS

vendor:siemensmodel:simatic s7-200 smart cpu st30scope: - version: -

Trust: 1.2

vendor:siemensmodel:simatic s7-200 smart cpu st40scope: - version: -

Trust: 1.2

vendor:siemensmodel:simatic s7-200 smart cpu st60scope: - version: -

Trust: 1.2

vendor:siemensmodel:simatic s7-200 smart cpu sr20scope: - version: -

Trust: 1.2

vendor:siemensmodel:simatic s7-200 smart cpu sr30scope: - version: -

Trust: 1.2

vendor:siemensmodel:simatic s7-200 smart cpu sr40scope: - version: -

Trust: 1.2

vendor:siemensmodel:simatic s7-200 smart cpu sr60scope: - version: -

Trust: 1.2

vendor:siemensmodel:simatic s7-200 smart cpu st20scope: - version: -

Trust: 1.2

vendor:siemensmodel:simatic s7-200 smart cpu cr40scope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic s7-200 smart cpu cr60scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2024-26691

CVSS

SEVERITY

CVSSV2

CVSSV3

productcert@siemens.com: CVE-2024-35292
value: HIGH

Trust: 1.0

CNVD: CNVD-2024-26691
value: HIGH

Trust: 0.6

CNVD: CNVD-2024-26691
severity: HIGH
baseScore: 8.5
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 7.8
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

productcert@siemens.com: CVE-2024-35292
baseSeverity: HIGH
baseScore: 8.2
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.2
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2024-26691 // NVD: CVE-2024-35292

PROBLEMTYPE DATA

problemtype:CWE-330

Trust: 1.0

sources: NVD: CVE-2024-35292

PATCH

title:Patch for Siemens S7-200 SMART series uses insecure random values ​​vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/555126

Trust: 0.6

sources: CNVD: CNVD-2024-26691

EXTERNAL IDS

db:NVDid:CVE-2024-35292

Trust: 1.6

db:SIEMENSid:SSA-481506

Trust: 1.6

db:CNVDid:CNVD-2024-26691

Trust: 0.6

sources: CNVD: CNVD-2024-26691 // NVD: CVE-2024-35292

REFERENCES

url:https://cert-portal.siemens.com/productcert/html/ssa-481506.html

Trust: 1.6

sources: CNVD: CNVD-2024-26691 // NVD: CVE-2024-35292

SOURCES

db:CNVDid:CNVD-2024-26691
db:NVDid:CVE-2024-35292

LAST UPDATE DATE

2024-08-14T15:41:12.733000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2024-26691date:2024-06-12T00:00:00
db:NVDid:CVE-2024-35292date:2024-06-11T13:54:12.057

SOURCES RELEASE DATE

db:CNVDid:CNVD-2024-26691date:2024-06-12T00:00:00
db:NVDid:CVE-2024-35292date:2024-06-11T12:15:18.150