Vulnerabilities > CVE-2024-37990 - Unspecified vulnerability in Siemens products

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

siemens

NVD

Published: 2024-09-10

Updated: 2024-09-18

Summary

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications contain configuration files which can be modified. An attacker with privilege access can modify these files and enable features that are not released for this device.

Vulnerable Configurations

Part	Description	Count
OS	Siemens Siemens Simatic Rf360R Firmware - Siemens Simatic Rf1170R Firmware * Siemens Simatic Rf1140R Firmware * Siemens Simatic Reader Rf685R FCC Firmware - Siemens Simatic Reader Rf685R Etsi Firmware - Siemens Simatic Reader Rf685R Cmiit Firmware - Siemens Simatic Reader Rf685R Arib Firmware - Siemens Simatic Reader Rf680R FCC Firmware - Siemens Simatic Reader Rf680R Etsi Firmware - Siemens Simatic Reader Rf680R Cmiit Firmware - Siemens Simatic Reader Rf680R Arib Firmware - Siemens Simatic Reader Rf650R FCC Firmware - Siemens Simatic Reader Rf650R Etsi Firmware - Siemens Simatic Reader Rf650R Cmiit Firmware - Siemens Simatic Reader Rf650R Arib Firmware - Siemens Simatic Reader Rf615R FCC Firmware - Siemens Simatic Reader Rf615R Etsi Firmware - Siemens Simatic Reader Rf615R Cmiit Firmware - Siemens Simatic Reader Rf610R FCC Firmware - Siemens Simatic Reader Rf610R Etsi Firmware - Siemens Simatic Reader Rf610R Cmiit Firmware - Siemens Simatic Rf188Ci Firmware - Siemens Simatic Rf188Ci Firmware 1.3 Siemens Simatic Rf188Ci Firmware 1.3.2 Siemens Simatic Rf188C Firmware - Siemens Simatic Rf188C Firmware 1.1.0 Siemens Simatic Rf186Ci Firmware - Siemens Simatic Rf186Ci Firmware 1.3 Siemens Simatic Rf186Ci Firmware 1.3.2 Siemens Simatic Rf186C Firmware - Siemens Simatic Rf186C Firmware 1.1.0 Siemens Simatic Rf186C Firmware 1.3 Siemens Simatic Rf185C Firmware - Siemens Simatic Rf185C Firmware 1.1.0 Siemens Simatic Rf185C Firmware 1.3 Siemens Simatic Rf166C Firmware - Siemens Simatic Rf166C Firmware 1.3.2	37
Hardware	Siemens Siemens Simatic Rf360R - Siemens Simatic Rf1170R - Siemens Simatic Rf1140R - Siemens Simatic Reader Rf685R FCC - Siemens Simatic Reader Rf685R Etsi - Siemens Simatic Reader Rf685R Cmiit - Siemens Simatic Reader Rf685R Arib - Siemens Simatic Reader Rf680R FCC - Siemens Simatic Reader Rf680R Etsi - Siemens Simatic Reader Rf680R Cmiit - Siemens Simatic Reader Rf680R Arib - Siemens Simatic Reader Rf650R FCC - Siemens Simatic Reader Rf650R Etsi - Siemens Simatic Reader Rf650R Cmiit - Siemens Simatic Reader Rf650R Arib - Siemens Simatic Reader Rf615R FCC - Siemens Simatic Reader Rf615R Etsi - Siemens Simatic Reader Rf615R Cmiit - Siemens Simatic Reader Rf610R FCC - Siemens Simatic Reader Rf610R Etsi - Siemens Simatic Reader Rf610R Cmiit - Siemens Simatic Rf188Ci - Siemens Simatic Rf188C - Siemens Simatic Rf186Ci - Siemens Simatic Rf186C - Siemens Simatic Rf185C - Siemens Simatic Rf166C -	27

References

https://cert-portal.siemens.com/productcert/html/ssa-765405.html