Vulnerabilities > CVE-2021-42029 - Unspecified vulnerability in Siemens Simatic Step 7

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

siemens

NVD

Published: 2022-04-12

Updated: 2022-08-09

Summary

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 5), SIMATIC STEP 7 (TIA Portal) V17 (All versions < V17 Update 2). An attacker could achieve privilege escalation on the web server of certain devices due to improper access control vulnerability in the engineering system software. The attacker needs to have direct access to the impacted web server.

Vulnerable Configurations

Part	Description	Count
Application	Siemens Siemens Simatic Step 7 16 Siemens Simatic Step 7 15 Siemens Simatic Step 7 15.1 Siemens Simatic Step 7 17	10
Hardware	Siemens Siemens Simatic S7 1200 CPU 1211C - Siemens Simatic S7 1200 CPU 1212C - Siemens Simatic S7 1200 CPU 1214C - Siemens Simatic S7 1200 CPU 1215C - Siemens Simatic S7 1200 CPU 1217C - Siemens Simatic S7 1500 CPU 1518 - Siemens Simatic S7 1500 CPU 1511C - Siemens Simatic S7 1500 CPU 1512C - Siemens Simatic S7 1200 CPU - Siemens Simatic S7 1500 CPU - Siemens Simatic S7 1500 CPU 1511 1 PN - Siemens Simatic S7 1500 CPU 1513 1 PN - Siemens Simatic S7 1500 CPU 1515 2 PN - Siemens Simatic S7 1500 CPU 1516 3 PN - Siemens Simatic S7 1500 CPU 1516 3 DP - Siemens Simatic S7 1500 CPU 1517 3 PN - Siemens Simatic S7 1500 CPU 1517 3 DP - Siemens Simatic S7 1500 CPU 1518 4 PN - Siemens Simatic S7 1500 CPU 1518 4 DP - Siemens Simatic S7 1500 CPU 1507S - Siemens Simatic S7 1500 CPU 1508S - Siemens Simatic S7 1500 CPU 1507S F - Siemens Simatic S7 1500 CPU 1508S F - Siemens Simatic S7 1500 CPU 1516 3 Pn/Dp - Siemens Simatic S7 1500 CPU 1517 3 Pn/Dp - Siemens Simatic S7 1500 CPU 1518 4 Pn/Dp - Siemens Simatic S7 1500 CPU 1511F 1 PN - Siemens Simatic S7 1500 CPU 1513F 1 PN - Siemens Simatic S7 1500 CPU 1515F 2 PN - Siemens Simatic S7 1500 CPU 1516F 3 Pn/Dp - Siemens Simatic S7 1500 CPU 1517F 3 Pn/Dp - Siemens Simatic S7 1500 CPU 1518F 4 Pn/Dp - Siemens Simatic S7 1200 CPU 1212Fc - Siemens Simatic S7 1200 CPU 1214 FC - Siemens Simatic S7 1200 CPU 1215 FC - Siemens Simatic S7 1500 CPU 1518 4 Pn/Dp MFP - Siemens Simatic S7 1200 CPU 1214Fc - Siemens Simatic S7 1200 CPU 1215Fc - Siemens Simatic S7 1500 CPU 1510Sp 1 - Siemens Simatic S7 1500 CPU 1510Sp - Siemens Simatic S7 1500 CPU 1511 1 - Siemens Simatic S7 1500 CPU 1511C 1 - Siemens Simatic S7 1500 CPU 1511F 1 - Siemens Simatic S7 1500 CPU 1511T 1 - Siemens Simatic S7 1500 CPU 1511Tf 1 - Siemens Simatic S7 1500 CPU 1512C 1 - Siemens Simatic S7 1500 CPU 1512Sp 1 - Siemens Simatic S7 1500 CPU 1512Spf 1 - Siemens Simatic S7 1500 CPU 1513 1 - Siemens Simatic S7 1500 CPU 1513F 1 - Siemens Simatic S7 1500 CPU 1513R 1 - Siemens Simatic S7 1500 CPU 1515 2 - Siemens Simatic S7 1500 CPU 1515F 2 - Siemens Simatic S7 1500 CPU 1515R 2 - Siemens Simatic S7 1500 CPU 1515T 2 - Siemens Simatic S7 1500 CPU 1515Tf 2 - Siemens Simatic S7 1500 CPU 1516 3 - Siemens Simatic S7 1500 CPU 1516F 3 - Siemens Simatic S7 1500 CPU 1516Pro 2 - Siemens Simatic S7 1500 CPU 1516Pro F - Siemens Simatic S7 1500 CPU 1516T 3 - Siemens Simatic S7 1500 CPU 1516Tf 3 - Siemens Simatic S7 1500 CPU 1517 3 - Siemens Simatic S7 1500 CPU 1517F 3 - Siemens Simatic S7 1500 CPU 1517Tf 3 - Siemens Simatic S7 1500 CPU 1518 4 - Siemens Simatic S7 1500 CPU 1518F 4 - Siemens Simatic S7 1500 CPU 1518Hf 4 - Siemens Simatic S7 1500 CPU 1518T 4 - Siemens Simatic S7 1500 CPU 1518Tf 4 -	70

References

https://cert-portal.siemens.com/productcert/pdf/ssa-350757.pdf