CVE-2020-15782

Published May 28, 2021

Last updated 3 years ago

CVSS critical 9.8

Overview

Description: A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.9.2), SIMATIC S7-1500 Software Controller (All versions < V21.9), SIMATIC S7-PLCSIM Advanced (All versions < V4.0), SINAMICS PERFECT HARMONY GH180 Drives (Drives manufactured before 2021-08-13), SINUMERIK MC (All versions < V6.15), SINUMERIK ONE (All versions < V6.15). Affected devices are vulnerable to a memory protection bypass through a specific operation. A remote unauthenticated attacker with network access to port 102/tcp could potentially write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks.
Source: productcert@siemens.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

productcert@siemens.com: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:cpu_1504d_tf:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6150A06A-0EB8-46CC-A118-2E70BF183CFE"
          },
          {
            "criteria": "cpe:2.3:h:siemens:cpu_1507d_tf:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1F33CBC2-330D-4791-9BAB-ECEF3720BBC0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:simatic_driver_controller_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7B8C5FB-3BF8-4A74-AB58-474D754CFBBA",
            "versionEndExcluding": "2.9.2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:cpu_1211c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "172D341B-D863-4C24-9B6E-633EBE87C8C9"
          },
          {
            "criteria": "cpe:2.3:h:siemens:cpu_1212c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1B475E4F-EE4F-4435-9F0B-8E4FA35377BE"
          },
          {
            "criteria": "cpe:2.3:h:siemens:cpu_1212fc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1402D624-5AF3-4E25-A2B0-9D9F214EE8FE"
          },
          {
            "criteria": "cpe:2.3:h:siemens:cpu_1214c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1F714315-8BEB-4BD3-BE59-C6649A0A105E"
          },
          {
            "criteria": "cpe:2.3:h:siemens:cpu_1214fc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2A988C9F-60DF-4BC5-A890-F03F445DD9BD"
          },
          {
            "criteria": "cpe:2.3:h:siemens:cpu_1215c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C90820D3-3F3E-4DC4-9DCE-A498CC26268D"
          },
          {
            "criteria": "cpe:2.3:h:siemens:cpu_1215fc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BAF22AB6-6DAA-4983-99DB-4F2A2E76856F"
          },
          {
            "criteria": "cpe:2.3:h:siemens:cpu_1217c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4C95F12D-563A-4915-9F26-A461EB4F8FA1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:s7-1200_cpu_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6852AC11-6388-4D26-923E-DB8933F05EDC",
            "versionEndExcluding": "4.5.0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6es7510-1dj01-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0645616B-B515-49BE-9C9A-33A0E9E7C108"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7510-1sj01-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8D11FF81-01F3-4B07-B57C-8B43DAD3640A"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7511-1ak01-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B9FFB12A-E3B7-4273-AAAF-0AECB9BB69C0"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7511-1ak02-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "25A19AB0-CCC8-4513-8182-68CE66F136F1"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7511-1ck00-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DED5460A-76CF-4830-AAFB-A10CE7EFD129"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7511-1ck01-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "207FD076-F2B7-4DE5-8390-E135A09DBD26"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7511-1fk01-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DF0FB5A5-A930-4635-B483-991611967E1E"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7511-1fk02-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7F039613-55B4-45E9-9E12-9603DF424A6A"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7511-1tk01-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BA18592B-0624-4C06-AC5E-1336E9E02C11"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7511-1uk01-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F3C00821-4873-4B80-ADC5-FED9FFD810DC"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7512-1ck00-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4E4D7484-F6E9-4A5C-9695-691FC48D602C"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7512-1ck01-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DE762064-FE24-4A1D-94DA-7411CC701B8A"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7512-1dk01-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2A1B45F7-14BA-45B5-AE0F-25F4E77CB40E"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7512-1sk01-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CC5C0BB0-A443-4764-9A9F-828882556665"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7513-1al01-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7CC9DB1B-DDAC-4FD2-BB9E-F64941C14E58"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7513-1al02-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1C01A87E-E18E-4E83-BCC5-AAE48E177B96"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7513-1fl01-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5426F764-765B-4E80-86D5-A86EF95A53F6"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7513-1fl02-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F16BF979-9B89-42C9-8B5D-2A9F5E76F10E"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7513-1rl00-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D7FC9267-B12D-4E13-BEB5-7D61989C1047"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7513-2gl00-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "91E3A8F5-7BC8-43C5-84D9-00DCEB4D4E05"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7513-2pl00-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CAA520E3-A01E-441C-95B3-B3481C4405C4"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7515-2am01-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DBFB9E73-59C8-4E05-ABDD-335315EE37CD"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7515-2am02-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "225036D8-E501-4069-9D30-C243AE79CA2B"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7515-2fm01-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "69F4097E-27F4-43EB-81E7-BD497477396F"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7515-2fm02-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CF247FF5-E912-44E1-8D0A-781912797783"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7515-2rm00-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B707B729-AEF1-446D-9E85-5504BF098635"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7515-2tm01-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6DD88AAE-1926-47AA-9071-E657053D9A91"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7515-2um01-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C71F8606-63FC-4BC6-830C-1FF19B30110A"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7516-2gn00-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DEA0DD75-F6B4-41A7-A9AA-03FAFAA38B16"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7516-2pn00-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1CBB9517-4F18-4CB9-B7F3-4D30D6E9DCE2"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7516-3an01-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "56C07F7B-5042-44BA-B5F3-438A60A776D7"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7516-3an02-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9D2412B1-8ADC-48AC-85CF-BAE6E3674B29"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7516-3fn01-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B6F8F1FC-3F9A-48B0-A6EE-9AB66AB4A1E5"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7516-3fn02-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BC0DCCCE-1348-48FC-BD48-0D23F4A8A69D"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7516-3tn00-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E728548F-2F18-4BF4-8A32-83CBAE2D5A12"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7516-3un00-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BE4AEE6E-03BA-4302-9D77-FC3102A216E9"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7517-3ap00-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C49DB60C-69FB-4251-9185-02CABCB66E86"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7517-3fp00-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5628EB18-2D21-40F2-ACCC-65EF5D9A5BB3"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7517-3hp00-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2E341A3B-D0F6-49EC-AE13-CC2D0DA6AF15"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7517-3tp00-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BD084757-FD90-45BA-96D2-F885741EE205"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7517-3up00-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1A49F3BE-3391-423F-9EBC-5DAEB1A33C06"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7518-4ap00-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A40D89C7-A781-407A-B675-507E3211EB38"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7518-4ap00-3ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "91BAF17B-E442-48E2-8484-547CB4375213"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7518-4fp00-0ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F17DE4F0-A475-4F08-99A5-36744978FEB2"
          },
          {
            "criteria": "cpe:2.3:h:siemens:6es7518-4fp00-3ab0:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BC059287-41DD-4926-A17A-ED256541AD28"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:s7-1500_cpu_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D8BEAD8-461A-4832-8BF7-9F2CE8ADB6BC",
            "versionEndExcluding": "2.9.2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:siemens:simatic_s7-1500__software_controller:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6745F8B-D98C-4410-AB01-CE6EE3DDCB4A"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E58BF80D-955E-44DE-B376-FC632C197390",
            "versionEndExcluding": "4.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:cpu_1515sp_pc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2F01ED37-3930-48BD-B911-388775A1715A"
          },
          {
            "criteria": "cpe:2.3:h:siemens:cpu_1515sp_pc2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "02DE6F0F-C1FD-4007-AFA4-12F79C8DF1EC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:et_200sp_open_controller_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1EA915A3-BC37-4907-8207-AD3B2E4C488F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References