Sign-up

ID

VAR-202410-0098


CVE

CVE-2024-46887


TITLE

Siemens products have authentication bypass vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2024-40034

DESCRIPTION

The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about configured maximum communication load. SIMATIC Drive Controllers are designed for the automation of production machines and combine the functionality of a SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC ET 200SP Open Controller is a PC-based version of the SIMATIC S7-1500 controller including optional visualization as well as central I/O in a compact device. SIMATIC S7-1500 CPUs are designed for discrete and continuous control in industrial environments such as global manufacturing, food and beverage, and chemical industries. SIMATIC S7-1500 MFP CPUs offer the functionality of standard S7-1500 CPUs with the ability to run C/C++ code in the CPU runtime to execute your own functions/algorithms implemented in C/C++. SIMATIC S7-1500 Software Controller is a SIMATIC software controller for PC-based automation solutions. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to emulate PLCs, even in virtualized environments

Trust: 1.44

sources: NVD: CVE-2024-46887 // CNVD: CNVD-2024-40034

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2024-40034

AFFECTED PRODUCTS

vendor:siemensmodel:simatic s7-1500 software controllerscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic s7-plcsim advancedscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic et 200sp open controller cpu 1515sp pc2scope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic s7-1500 cpu familyscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic drive controller familyscope:ltversion:3.1.4

Trust: 0.6

sources: CNVD: CNVD-2024-40034

CVSS

SEVERITY

CVSSV2

CVSSV3

productcert@siemens.com: CVE-2024-46887
value: MEDIUM

Trust: 1.0

CNVD: CNVD-2024-40034
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2024-40034
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

productcert@siemens.com: CVE-2024-46887
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2024-40034 // NVD: CVE-2024-46887

PROBLEMTYPE DATA

problemtype:CWE-288

Trust: 1.0

sources: NVD: CVE-2024-46887

PATCH

title:Patch for Siemens products have authentication bypass vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/598531

Trust: 0.6

sources: CNVD: CNVD-2024-40034

EXTERNAL IDS

db:SIEMENSid:SSA-054046

Trust: 1.6

db:NVDid:CVE-2024-46887

Trust: 1.6

db:CNVDid:CNVD-2024-40034

Trust: 0.6

sources: CNVD: CNVD-2024-40034 // NVD: CVE-2024-46887

REFERENCES

url:https://cert-portal.siemens.com/productcert/html/ssa-054046.html

Trust: 1.6

sources: CNVD: CNVD-2024-40034 // NVD: CVE-2024-46887

SOURCES

db:CNVDid:CNVD-2024-40034
db:NVDid:CVE-2024-46887

LAST UPDATE DATE

2024-10-18T04:03:35.045000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2024-40034date:2024-10-10T00:00:00
db:NVDid:CVE-2024-46887date:2024-10-10T12:56:30.817

SOURCES RELEASE DATE

db:CNVDid:CNVD-2024-40034date:2024-10-10T00:00:00
db:NVDid:CVE-2024-46887date:2024-10-08T09:15:16.447