Vulnerabilities > CVE-2020-15796 - Uncaught Exception vulnerability in Siemens products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

siemens

CWE-248

NVD

Published: 2020-12-14

Updated: 2020-12-18

Summary

A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) (V20.8), SIMATIC S7-1500 Software Controller (V20.8). The web server of the affected products contains a vulnerability that could allow a remote attacker to trigger a denial-of-service condition by sending a specially crafted HTTP request.

Vulnerable Configurations

Part	Description	Count
OS	Siemens Siemens Simatic ET 200Sp Open Controller Firmware - Siemens Simatic ET 200Sp Open Controller Firmware 20.8 Siemens Simatic S7 1500 Software Controller Firmware - Siemens Simatic S7 1500 Software Controller Firmware 2.1 Siemens Simatic S7 1500 Software Controller Firmware 20.8	5
Hardware	Siemens Siemens Simatic ET 200Sp Open Controller - Siemens Simatic S7 1500 Software Controller -	2

Common Weakness Enumeration (CWE)

CWE-248 - Uncaught Exception

Common Attack Pattern Enumeration and Classification (CAPEC)

Probe Application Error Reporting
An Attacker, aware of an application's location (and possibly authorized to use the application) can probe the application's structure and evaluate its robustness by probing its error conditions (not unlike one would during a 'fuzz' test, but more purposefully here) in order to support attacks such as blind SQL injection, or for the more general task of mapping the application to mount another subsequent attack.

References

https://cert-portal.siemens.com/productcert/pdf/ssa-700697.pdf