Vulnerabilities > CVE-2020-28397 - Incorrect Authorization vulnerability in Siemens products

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

siemens

CWE-863

NVD

Published: 2021-08-10

Updated: 2021-12-10

Summary

A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7 PLCSIM Advanced (All versions > V2 < V4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (Version V4.4), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions > V2.5 < V2.9.2), SIMATIC S7-1500 Software Controller (All versions > V2.5 < V21.9), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once.

Vulnerable Configurations

Part	Description	Count
OS	Siemens Siemens CPU 1504D TF Firmware - Siemens CPU 1507D TF Firmware - Siemens CPU 1515Sp PC2 TF Firmware - Siemens Simatic S7 Plcsim Advanced Firmware 2.0 Siemens TIM 1531 IRC Firmware 2.1 Siemens CPU 1211C Firmware 4.4 Siemens CPU 1212C Firmware 4.4 Siemens CPU 1212Fc Firmware 4.4 Siemens CPU 1214Fc Firmware 4.4 Siemens CPU 1214C Firmware 4.4 Siemens CPU 1215Fc Firmware 4.4 Siemens CPU 1215C Firmware 4.4 Siemens CPU 1217C Firmware 4.4 Siemens Siplus CPU 1510Sp F 1PN Firmware * Siemens Siplus CPU 1511 1 PN Firmware * Siemens Siplus CPU 1511F 1 PN Firmware * Siemens Siplus CPU 1512Sp 1 PN Firmware * Siemens Siplus CPU 1512Sp F 1PN Firmware * Siemens Siplus CPU 1513 1 PN Firmware * Siemens Siplus CPU 1513F 1 PN Firmware * Siemens Siplus CPU 1516 3 Pn/Dp Firmware * Siemens Siplus CPU 1516F 3 Pn/Dp Firmware * Siemens Siplus CPU 1518 4 Pn/Dp Firmware * Siemens Siplus CPU 1518F 4 Pn/Dp Firmware * Siemens CPU 1510Sp 1PN Firmware 2.5 Siemens Cpu1510Sp F 1 Firmware * Siemens CPU 1511 1PN Firmware 2.5 Siemens CPU 1511C 1 PN Firmware 2.5 Siemens CPU 1511F 1PN Firmware 2.5 Siemens CPU 1511T 1PN Firmware 2.5 Siemens CPU 1511Tf 1PN Firmware 2.5 Siemens CPU 1512C 1 PN Firmware 2.5 Siemens CPU 1512Sp 1 PN Firmware * Siemens CPU 1512Sp F 1 PN Firmware * Siemens CPU 1513 1 PN Firmware * Siemens CPU 1513F 1 PN Firmware * Siemens CPU 1513R 1 PN Firmware * Siemens CPU 1513Pro F 2 PN Firmware * Siemens CPU 1515 2 Firmware * Siemens CPU 1515F 2 Firmware * Siemens CPU 1515R 2 PN Firmware * Siemens CPU 1515T 2 PN Firmware * Siemens CPU 1515Tf 2 PN Firmware * Siemens CPU 1516Pro F 2 PN Firmware * Siemens CPU 1516Pro 2 PN Firmware * Siemens CPU 1516 3 Firmware * Siemens CPU 1516F 3 Firmware * Siemens CPU 1516T 3 Pn/Dp Firmware * Siemens CPU 1516Tf 3 Pn/Dp Firmware * Siemens CPU 1517 3 Pn/Dp Firmware * Siemens CPU 1517F 3 Pn/Dp Firmware * Siemens CPU 1517T 3 Pn/Dp Firmware * Siemens CPU 1517Tf 3 Pn/Dp Firmware * Siemens CPU 1518 4 Pn/Dp Firmware * Siemens CPU 1518F 4 Pn/Dp Firmware *	55
Hardware	Siemens Siemens CPU 1504D TF - Siemens CPU 1507D TF - Siemens CPU 1515Sp PC2 TF - Siemens Simatic S7 Plcsim Advanced - Siemens TIM 1531 IRC - Siemens CPU 1211C - Siemens CPU 1212C - Siemens CPU 1212Fc - Siemens CPU 1214Fc - Siemens CPU 1214C - Siemens CPU 1215Fc - Siemens CPU 1215C - Siemens CPU 1217C - Siemens Siplus CPU 1510Sp F 1PN - Siemens Siplus CPU 1511 1 PN - Siemens Siplus CPU 1511F 1 PN - Siemens Siplus CPU 1512Sp 1 PN - Siemens Siplus CPU 1512Sp F 1PN - Siemens Siplus CPU 1513 1 PN - Siemens Siplus CPU 1513F 1 PN - Siemens Siplus CPU 1516 3 Pn/Dp - Siemens Siplus CPU 1516F 3 Pn/Dp - Siemens Siplus CPU 1518 4 Pn/Dp - Siemens Siplus CPU 1518F 4 Pn/Dp - Siemens CPU 1510Sp 1PN - Siemens Cpu1510Sp F 1 - Siemens CPU 1511 1PN - Siemens CPU 1511C 1 PN - Siemens CPU 1511F 1PN - Siemens CPU 1511T 1PN - Siemens CPU 1511Tf 1PN - Siemens CPU 1512C 1 PN - Siemens CPU 1512Sp 1 PN - Siemens CPU 1512Sp F 1 PN - Siemens CPU 1513 1 PN - Siemens CPU 1513F 1 PN - Siemens CPU 1513R 1 PN - Siemens CPU 1513Pro F 2 PN - Siemens CPU 1515 2 - Siemens CPU 1515F 2 - Siemens CPU 1515R 2 PN - Siemens CPU 1515T 2 PN - Siemens CPU 1515Tf 2 PN - Siemens CPU 1516Pro F 2 PN - Siemens CPU 1516Pro 2 PN - Siemens CPU 1516 3 - Siemens CPU 1516F 3 - Siemens CPU 1516T 3 Pn/Dp - Siemens CPU 1516Tf 3 Pn/Dp - Siemens CPU 1517 3 Pn/Dp - Siemens CPU 1517F 3 Pn/Dp - Siemens CPU 1517T 3 Pn/Dp - Siemens CPU 1517Tf 3 Pn/Dp - Siemens CPU 1518 4 Pn/Dp - Siemens CPU 1518F 4 Pn/Dp -	55
Application	Siemens Siemens Simatic S7 1500 Software Controller 2.5 Siemens Simatic S7 1500 Software Controller 2.6 Siemens Simatic S7 1500 Software Controller 2.7 Siemens Simatic S7 1500 Software Controller 20.8	4

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf