CVE-2021-31893

Published Jul 13, 2021

Last updated 3 years ago

CVSS high 7.8

Overview

Description: A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.
Source: productcert@siemens.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

productcert@siemens.com: CWE-120

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:simatic_pcs_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7EEA55DF-23A5-4D3D-A2EC-EFFFBD8A7C3F",
            "versionEndIncluding": "8.2"
          },
          {
            "criteria": "cpe:2.3:o:siemens:simatic_pcs_firmware:9.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81FDDB73-5C1A-448E-A88E-835F04DB8444"
          },
          {
            "criteria": "cpe:2.3:o:siemens:simatic_pcs_firmware:9.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39CC2ACC-62C3-434D-AB36-B73CA7CD5935"
          },
          {
            "criteria": "cpe:2.3:o:siemens:simatic_pcs_firmware:9.0:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6FE8718-AC43-4AD8-9226-2382CB588F7F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:simatic_pcs:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5BEAC421-FE31-4F16-8DB1-B816FDD66D64"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:simatic_pdm_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCE0E117-5AB1-4D65-84CA-1F4A48664C93",
            "versionEndExcluding": "9.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:simatic_pdm:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E092B735-42D5-48D5-947B-288C0FA2E180"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:simatic_step_7_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06CA9ADA-EEEA-4655-93FA-11EF309D869B",
            "versionEndIncluding": "5.6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:simatic_step_7:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FB1FE00B-0613-4819-8D50-A5A0B6A190D1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:sinamics_starter_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACF25F6B-8DC4-4835-AE2F-2E03D3FA4C8C",
            "versionEndExcluding": "5.4"
          },
          {
            "criteria": "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D01AB88-A23C-4105-9D5C-DEAA8C2AAFE9"
          },
          {
            "criteria": "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:hotfix_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C803017D-BCE6-4638-A54F-D29CA8AE5ABC"
          },
          {
            "criteria": "cpe:2.3:o:siemens:sinamics_starter_firmware:5.4:hotfix_2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5900915-29CC-4F36-9622-4E81038CE932"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:sinamics_starter:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C3E8B354-CB0D-40F1-BC2B-C2355974C2A9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References