CVE-2020-15782
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.9.2), SIMATIC S7-1500 Software Controller (All versions < V21.9), SIMATIC S7-PLCSIM Advanced (All versions < V4.0), SINAMICS PERFECT HARMONY GH180 Drives (Drives manufactured before 2021-08-13), SINUMERIK MC (All versions < V6.15), SINUMERIK ONE (All versions < V6.15). Affected devices are vulnerable to a memory protection bypass through a specific operation. A remote unauthenticated attacker with network access to port 102/tcp could potentially write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Siemens | SIMATIC Drive Controller family | All versions < V2.9.2 | affected |
| Siemens | SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) | All versions | affected |
| Siemens | SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) | All versions < V21.9 | affected |
| Siemens | SIMATIC S7-1200 CPU family (incl. SIPLUS variants) | All versions < V4.5.0 | affected |
| Siemens | SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) | All versions < V2.9.2 | affected |
| Siemens | SIMATIC S7-1500 Software Controller | All versions < V21.9 | affected |
| Siemens | SIMATIC S7-PLCSIM Advanced | All versions < V4.0 | affected |
| Siemens | SINAMICS PERFECT HARMONY GH180 Drives | Drives manufactured before 2021-08-13 | affected |
| Siemens | SINUMERIK MC | All versions < V6.15 | affected |
| Siemens | SINUMERIK ONE | All versions < V6.15 | affected |
Weaknesses
- CWE-119: CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
ADP Enrichment
CVE Program Container
Additional References
- https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdf
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-434534.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-434536.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-434535.pdf
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.