Details of VAR-202409-0310

ID

VAR-202409-0310

CVE

CVE-2024-41171

TITLE

Siemens SINUMERIK ONE, SINUMERIK-840D and SINUMERIK828D Privilege Escalation Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2024-38021

DESCRIPTION

A vulnerability has been identified in SINUMERIK 828D V4 (All versions), SINUMERIK 828D V5 (All versions < V5.24), SINUMERIK 840D sl V4 (All versions), SINUMERIK ONE (All versions < V6.24). Affected devices do not properly enforce access restrictions to scripts that are regularly executed by the system with elevated privileges. This could allow an authenticated local attacker to escalate their privileges in the underlying system. SINUMERIK CNC provides automation solutions for workshops, shop floors and large-scale batch production environments. SINUMERIK ONE is a digital native CNC system with an integrated SIMATIC S7-1500 CPU for automation

Trust: 1.44

sources: NVD: CVE-2024-41171 // CNVD: CNVD-2024-38021

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2024-38021

AFFECTED PRODUCTS

vendor:	siemens	model:	sinumerik one	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	sinumerik 840d sl	scope:	eq	version:	v4	Trust: 0.6
vendor:	siemens	model:	sinumerik 828d	scope:	eq	version:	v4	Trust: 0.6
vendor:	siemens	model:	sinumerik 828d	scope:	eq	version:	v5	Trust: 0.6

sources: CNVD: CNVD-2024-38021

CVSS

SEVERITY

CVSSV2

CVSSV3

productcert@siemens.com:	CVE-2024-41171
value:	CRITICAL
Trust: 1.0
CNVD:	CNVD-2024-38021
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2024-38021
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

productcert@siemens.com:	CVE-2024-41171
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.0
impactScore:	6.0
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2024-38021 // NVD: CVE-2024-41171

PROBLEMTYPE DATA

problemtype:

CWE-732

Trust: 1.0

sources: NVD: CVE-2024-41171

PATCH

title:

Patch for Siemens SINUMERIK ONE, SINUMERIK-840D and SINUMERIK828D Privilege Escalation Vulnerability

url:

https://www.cnvd.org.cn/patchInfo/show/590281

Trust: 0.6

sources: CNVD: CNVD-2024-38021

EXTERNAL IDS

db:	SIEMENS	id:	SSA-342438	Trust: 1.6
db:	NVD	id:	CVE-2024-41171	Trust: 1.6
db:	CNVD	id:	CNVD-2024-38021	Trust: 0.6

sources: CNVD: CNVD-2024-38021 // NVD: CVE-2024-41171

REFERENCES

url:

https://cert-portal.siemens.com/productcert/html/ssa-342438.html

Trust: 1.6

sources: CNVD: CNVD-2024-38021 // NVD: CVE-2024-41171

SOURCES

db:	CNVD	id:	CNVD-2024-38021
db:	NVD	id:	CVE-2024-41171

LAST UPDATE DATE

2024-09-13T23:32:47.479000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2024-38021	date:	2024-09-12T00:00:00
db:	NVD	id:	CVE-2024-41171	date:	2024-09-10T12:09:50.377

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2024-38021	date:	2024-09-12T00:00:00
db:	NVD	id:	CVE-2024-41171	date:	2024-09-10T10:15:12