CVE-2021-42029

Published Apr 12, 2022
Last updated 2 years ago
CVSS high 7.8
Overview

Description: A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 5), SIMATIC STEP 7 (TIA Portal) V17 (All versions < V17 Update 2). An attacker could achieve privilege escalation on the web server of certain devices due to improper access control vulnerability in the engineering system software. The attacker needs to have direct access to the impacted web server.
Source: productcert@siemens.com
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses

nvd@nist.gov: NVD-CWE-Other
productcert@siemens.com: CWE-284
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBCA2BFB-EEEB-4722-AC33-CBBFE92289BC",
            "versionEndExcluding": "16",
            "versionStartIncluding": "15"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_step_7:16:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66CB66B9-176E-4FA3-BC67-E7C5972A307C"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_step_7:16:update1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF2D6947-576B-4CA7-B4E4-F0B428FA5ABB"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_step_7:16:update2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70AA41B2-8C18-4436-8C77-E6391EB0D8C9"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_step_7:16:update3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AF2FE58-C7FC-4FD6-8026-E23AEAAA29CB"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_step_7:16:update4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C22708F4-5386-4C7A-B11A-677B8DDC36A0"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_step_7:17:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "211B89EA-80D2-441D-8CD6-693CCB1407F7"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_step_7:17:update1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B23F0A5-8F54-407F-9DE1-30B10BAC6D85"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F2B63726-10CE-46AB-ADBA-A511E770E162"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1211c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3871C0C9-C65E-4E0B-9CA8-75E60066297F"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "07849777-92E7-41D2-9128-F8D20DE15391"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212fc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "68B3573B-A31E-4489-B2DD-B01B5C1D03CB"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214_fc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B640800C-9263-4BEA-9DA5-1323932540BD"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FE17584A-BF7A-48B8-A9CB-477663766C63"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214fc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EDE46D66-A6B6-4554-8642-7F3E7E3AA22D"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215_fc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "76C7D55C-8D99-4E2F-A254-1BDE2B12A203"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CC4698CF-F935-4707-BA91-7E3650C7956C"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215fc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4866FF7B-B34A-4828-94A8-BD0A0B6F4C88"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1217c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "232279DE-CF1C-4A3C-886D-B4CE3F104F09"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "01048F7F-9C5B-47C0-AE16-321FCA670F3D"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1507s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "39C1392C-38E2-4AF9-AF17-91B93BC6B9B8"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1507s_f:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F1ED29DF-8AC0-4BB6-ACE2-EBC0A2B87F96"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1508s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "46CBD063-6CF0-45E6-A9D1-C7F8709806AA"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1508s_f:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A2079B95-E885-4490-BCEA-62BBEAF9CB51"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1510sp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9D7ECCF7-E3EE-46A0-BC03-51AAEBCD03EE"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1510sp-1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "38232B80-9EDE-4BE4-BD4C-0E84B18EC39A"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511-1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D8B9B76B-D790-44B9-AC2A-7E0719C4D56C"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511-1_pn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F62F4050-F6C9-4C8F-8E09-F0AEEDB6B1FC"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "822894D4-96D5-4BDC-A698-D31262BCF422"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511c-1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3F580D0D-F406-4586-9C54-EF44703FDA30"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511f-1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A6B51EFC-2168-4B28-9527-A8DC62781709"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511f-1_pn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3A3E8A67-2A29-4DE9-AF1B-D74A42D55D1E"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511t-1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DBA72709-BC38-425F-8EBD-FE16C5A86140"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511tf-1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6E76D7BD-0529-4A51-9866-8AF5241A5184"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1512c:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D2E24A4C-AC13-4382-BDF6-E13878FED4DC"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1512c-1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D7933577-8564-4DE4-AAED-62F87E3C3353"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1512sp-1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A0E822C9-6983-4CC6-BC51-822563DF7BCE"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1512spf-1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "77BD8110-76B4-4D5C-BFF7-E5F1D0EA9CD6"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513-1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2E7889F5-D499-41A6-B1BB-264F988884D8"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513-1_pn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D6663D66-5127-4F5D-B39D-50D3F88F4435"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513f-1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F2962FF0-D865-4D15-B1A7-EFC0501972A6"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513f-1_pn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "69DE61DE-5B71-4F35-AC4F-C6EC24A7DDAA"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513r-1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7E2F34DF-3A55-49A4-9A9C-80C99B367079"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515-2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EB7605AF-2B00-49DD-BC32-37E6CF9ED625"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515-2_pn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ABE9C79B-52A3-45F4-9DA5-6D61A6BF7753"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515f-2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "21A4E04A-EB99-4AB2-9B30-C70DB11A6C8D"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515f-2_pn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EDE82551-008D-4B75-BDB5-3DD30ADD1863"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515r-2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EA0AEBFA-682F-4F5D-8FAA-D517AE3B3D0C"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515t-2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D7BC3993-1CB0-4C1D-BC04-ED69BA814B24"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515tf-2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "89839624-6FA1-4377-A3B4-9CB704555E2B"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516-3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B6D611B2-4D81-4838-B612-8D17196A5B78"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516-3_dp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B5FD1F20-E507-4422-814D-19614CDB49B7"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516-3_pn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "439E1B3E-7174-4BAC-A11A-F4F37ABB7291"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516-3_pn\\/dp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A5C12961-CCF4-4248-9E43-8866671A257A"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516f-3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "44C84DC4-1E8C-431B-AF23-AA86CE316928"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516f-3_pn\\/dp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5787D689-D80C-47BC-A0C2-E45E0FAD49D9"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516pro-2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AD3A239E-41CB-4222-8146-745B15C206C3"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516pro_f:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "298EF297-949E-45E9-9A57-8D07986DED10"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516t-3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "27653C38-64A3-4DE2-8B65-BBC356A396AE"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516tf-3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A66C6524-9076-4C4E-B518-586BB1FF7107"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517-3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C03BFBC2-E30D-4DAF-BDE0-06F97D1A0E92"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517-3_dp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ABE53C35-490A-498B-8CAB-B874C0E17AF1"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517-3_pn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4C44E126-E4D9-44D8-B8B9-10F060D63A2B"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517-3_pn\\/dp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "984F6E53-482D-4282-BBAA-87B0375310FA"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517f-3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3F4C4030-4BFE-4EA0-9967-F77EEB5113E0"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517f-3_pn\\/dp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DB2327DF-ADA4-453E-A35E-E986D822F1E7"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517tf-3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E1BD045A-0DC6-4D6F-A596-B24ECA84936B"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BE0BA68C-EB57-49CE-94A8-E7905AB79824"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "836BC49A-F358-410D-A5CC-D62DAC7D624F"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_dp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6772D5F3-35EE-4C94-B6D5-31500F440CCF"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4245AED2-3F58-40D0-BF8A-8E930E1730B7"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\\/dp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "40F38253-92F5-4A3A-AA07-292F7542D8A6"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\\/dp_mfp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3BC4FA01-8DDB-41E4-B759-7B504F78AEBC"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518f-4:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1F37885E-AC96-4043-892F-55AEFAFA675D"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518f-4_pn\\/dp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DB469732-E3C2-45BC-8F65-C1B6A676A974"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518hf-4:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "914D507E-5C6E-4BA7-B5EA-549A01E0C34D"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518t-4:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7EF0A62F-8EC0-4EB8-821A-14B17D87DD8A"
          },
          {
            "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518tf-4:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "223AA9C0-89FA-459D-949F-FB9D3551C06F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
