ID

VAR-202409-0272


CVE

CVE-2023-30755


TITLE

Siemens Industrial Products Null Pointer Dereference Vulnerability (CNVD-2024-38016)

Trust: 0.6

sources: CNVD: CNVD-2024-38016

DESCRIPTION

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.5.20), SIMATIC CP 1243-7 LTE (All versions < V3.5.20), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.5.20), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). The web server of the affected devices does not properly handle the shutdown or reboot request, which could lead to the cleanup of certain resources. This could allow a remote attacker with elevated privileges to cause a denial of service condition in the system.

SIMATIC CP 1242 and CP 1243 related processors connect SIMATIC S7-1200 controllers to wide area networks (WANs). They offer integrated security features such as firewalls, virtual private networks (VPNs) and support for other data encryption protocols. SIMATIC HMI Panels are used for operator control and monitoring of machines and plants. SIMATIC IPC DiagBase diagnostics software allows early identification of any potential faults on SIMATIC industrial computers and helps to avoid or reduce system downtime. SIMATIC IPC DiagMonitor monitors, reports, visualizes and logs the system status of SIMATIC IPCs. It communicates with other systems and reacts when events occur. Communication processor (CP) modules SIMATIC TIM 3V-IE and TIM 4R-IE are designed to enable Ethernet or telecontrol communication for SIMATIC S7-300/S7-400 CPUs. SIMATIC WinCC Runtime Advanced is a visualization runtime platform for operator control and monitoring of machines and plants.

SIPLUS extreme products are designed for reliable operation under extreme conditions and are based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products they are based on. Siemens Industrial products have a null pointer dereference vulnerability.

Trust: 1.44

sources: NVD: CVE-2023-30755 // CNVD: CNVD-2024-38016

IOT TAXONOMY

category: ['ICS'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2024-38016

AFFECTED PRODUCTS

vendor: siemens, model: simatic ipc diagmonitor, scope: -, version: -

Trust: 0.6

vendor: siemens, model: simatic wincc runtime advanced, scope: -, version: -

Trust: 0.6

vendor: siemens, model: siplus tim irc, scope: eq, version: 1531

Trust: 0.6

vendor: siemens, model: simatic ipc diagbase, scope: -, version: -

Trust: 0.6

vendor: siemens, model: tim irc, scope: eq, version: 1531<v2.4.8

Trust: 0.6

vendor: siemens, model: simatic cp, scope: eq, version: 1242-7v2<v3.5.20

Trust: 0.6

vendor: siemens, model: simatic cp, scope: eq, version: 1243-1<v3.5.20

Trust: 0.6

vendor: siemens, model: simatic cp dnp3, scope: eq, version: 1243-1<v3.5.20

Trust: 0.6

vendor: siemens, model: simatic cp iec, scope: eq, version: 1243-1<v3.5.20

Trust: 0.6

vendor: siemens, model: simatic cp lte, scope: eq, version: 1243-7<v3.5.20

Trust: 0.6

vendor: siemens, model: simatic cp irc, scope: eq, version: 1243-8<v3.5.20

Trust: 0.6

vendor: siemens, model: simatic hmi comfort panels, scope: -, version: -

Trust: 0.6

sources: CNVD: CNVD-2024-38016

CVSS

SEVERITY

CVSSV2

CVSSV3

productcert@siemens.com: CVE-2023-30755
value: MEDIUM

Trust: 1.0

CNVD: CNVD-2024-38016
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2024-38016
severity: MEDIUM
baseScore: 5.4
vectorString: AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

productcert@siemens.com: CVE-2023-30755
baseSeverity: MEDIUM
baseScore: 4.4
vectorString: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 0.7
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2024-38016 // NVD: CVE-2023-30755

PROBLEMTYPE DATA

problemtype: CWE-476

Trust: 1.0

sources: NVD: CVE-2023-30755

PATCH

title: Patch for Siemens Industrial Products Null Pointer Dereference Vulnerability (CNVD-2024-38016), url: https://www.cnvd.org.cn/patchInfo/show/590306

Trust: 0.6

sources: CNVD: CNVD-2024-38016

EXTERNAL IDS

db: SIEMENS, id: SSA-423808

Trust: 1.6

db: NVD, id: CVE-2023-30755

Trust: 1.6

db: CNVD, id: CNVD-2024-38016

Trust: 0.6

sources: CNVD: CNVD-2024-38016 // NVD: CVE-2023-30755

REFERENCES

url: https://cert-portal.siemens.com/productcert/html/ssa-423808.html

Trust: 1.6

sources: CNVD: CNVD-2024-38016 // NVD: CVE-2023-30755

SOURCES

db: CNVD, id: CNVD-2024-38016
db: NVD, id: CVE-2023-30755

LAST UPDATE DATE

2024-09-13T23:28:46.308000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2024-38016, date: 2024-09-12T00:00:00
db: NVD, id: CVE-2023-30755, date: 2024-09-10T12:09:50.377

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2024-38016, date: 2024-09-12T00:00:00
db: NVD, id: CVE-2023-30755, date: 2024-09-10T10:15:05.940