Vulnerabilites related to Siemens - SIMATIC Information Server 2022
cve-2024-35783
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2025-01-14 10:30
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
9.4 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
9.4 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC BATCH V9.1 (All versions), SIMATIC Information Server 2020 (All versions < V2020 SP2 Update 5), SIMATIC Information Server 2022 (All versions < V2022 SP1 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC06), SIMATIC Process Historian 2020 (All versions < V2020 SP2 Update 5), SIMATIC Process Historian 2022 (All versions < V2022 SP1 Update 2), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 5), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 3), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 18), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5). The affected products run their DB server with elevated privileges which could allow an authenticated attacker to execute arbitrary OS commands with administrative privileges.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC BATCH V9.1 |
Version: 0 < * |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:18:*:*:*:*:*:*:*", "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:19:*:*:*:*:*:*:*", "cpe:2.3:h:siemens:simatic_process_historian:2020:-:*:*:*:*:*:*", "cpe:2.3:a:siemens:simatic_process_historian:2022:*:*:*:*:*:*:*", "cpe:2.3:a:siemens:simatic_pcs7:*:*:*:*:*:*:*:*", "cpe:2.3:a:siemens:simatic_information_server:2020:-:*:*:*:*:*:*", "cpe:2.3:a:siemens:simatic_information_server:2022:*:*:*:*:*:*:*", "cpe:2.3:a:siemens:simatic_batch:9.1:-:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_batch", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_wincc", vendor: "siemens", versions: [ { lessThan: "7.5_sp2_update_18", status: "affected", version: "7.4", versionType: "custom", }, { lessThan: "8.0_update_5", status: "affected", version: "8.0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-35783", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-09-10T15:12:46.700884Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-10T17:31:08.389Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC BATCH V9.1", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Information Server 2020", vendor: "Siemens", versions: [ { lessThan: "V2020 SP2 Update 5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Information Server 2022", vendor: "Siemens", versions: [ { lessThan: "V2022 SP1 Update 2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.1", vendor: "Siemens", versions: [ { lessThan: "V9.1 SP2 UC06", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Process Historian 2020", vendor: "Siemens", versions: [ { lessThan: "V2020 SP2 Update 5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Process Historian 2022", vendor: "Siemens", versions: [ { lessThan: "V2022 SP1 Update 2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V18", vendor: "Siemens", versions: [ { lessThan: "V18 Update 5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V19", vendor: "Siemens", versions: [ { lessThan: "V19 Update 3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { lessThan: "V7.5 SP2 Update 18", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V8.0", vendor: "Siemens", versions: [ { lessThan: "V8.0 Update 5", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC BATCH V9.1 (All versions), SIMATIC Information Server 2020 (All versions < V2020 SP2 Update 5), SIMATIC Information Server 2022 (All versions < V2022 SP1 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC06), SIMATIC Process Historian 2020 (All versions < V2020 SP2 Update 5), SIMATIC Process Historian 2022 (All versions < V2022 SP1 Update 2), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 5), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 3), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 18), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5). The affected products run their DB server with elevated privileges which could allow an authenticated attacker to execute arbitrary OS commands with administrative privileges.", }, ], metrics: [ { cvssV3_1: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 9.4, baseSeverity: "CRITICAL", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-250", description: "CWE-250: Execution with Unnecessary Privileges", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-14T10:30:01.253Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-629254.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2024-35783", datePublished: "2024-09-10T09:36:32.225Z", dateReserved: "2024-05-17T11:07:53.264Z", dateUpdated: "2025-01-14T10:30:01.253Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-33698
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2025-03-11 09:47
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
9.3 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
9.3 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in Opcenter Execution Foundation (All versions), Opcenter Quality (All versions), Opcenter RDL (All versions), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 2), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SINEC NMS (All versions), SINEMA Remote Connect Client (All versions < V3.2 SP3), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 5), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 3). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Opcenter Execution Foundation |
Version: 0 < * |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_pcs_neo", vendor: "siemens", versions: [ { lessThan: "4.1_update_2", status: "affected", version: "4.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:totally_integrated_automation_portal:16:*:*:*:*:*:*:*", "cpe:2.3:a:siemens:totally_integrated_automation_portal:18:*:*:*:*:*:*:*", "cpe:2.3:a:siemens:totally_integrated_automation_portal:19:*:*:*:*:*:*:*", "cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*", "cpe:2.3:a:siemens:simatic_pcs_neo:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:siemens:simatic_information_server:2022:*:*:*:*:*:*:*", "cpe:2.3:a:siemens:simatic_information_server:2024:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "simatic_information_server", vendor: "siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:siemens:totally_integrated_automation_portal:17:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "totally_integrated_automation_portal", vendor: "siemens", versions: [ { lessThan: "17_update_8", status: "affected", version: "17", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-33698", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-09-10T17:32:07.999463Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-10T18:26:36.889Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "Opcenter Execution Foundation", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Opcenter Quality", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Opcenter RDL", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS neo V4.0", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS neo V4.1", vendor: "Siemens", versions: [ { lessThan: "V4.1 Update 2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS neo V5.0", vendor: "Siemens", versions: [ { lessThan: "V5.0 Update 1", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SINEC NMS", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SINEMA Remote Connect Client", vendor: "Siemens", versions: [ { lessThan: "V3.2 SP3", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Totally Integrated Automation Portal (TIA Portal) V16", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Totally Integrated Automation Portal (TIA Portal) V17", vendor: "Siemens", versions: [ { lessThan: "V17 Update 8", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Totally Integrated Automation Portal (TIA Portal) V18", vendor: "Siemens", versions: [ { lessThan: "V18 Update 5", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "Totally Integrated Automation Portal (TIA Portal) V19", vendor: "Siemens", versions: [ { lessThan: "V19 Update 3", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Opcenter Execution Foundation (All versions), Opcenter Quality (All versions), Opcenter RDL (All versions), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 2), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SINEC NMS (All versions), SINEMA Remote Connect Client (All versions < V3.2 SP3), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 5), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 3). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code.", }, ], metrics: [ { cvssV3_1: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 9.3, baseSeverity: "CRITICAL", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "CWE-122: Heap-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-11T09:47:51.007Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-039007.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2024-33698", datePublished: "2024-09-10T09:36:31.009Z", dateReserved: "2024-04-26T12:32:09.263Z", dateUpdated: "2025-03-11T09:47:51.007Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }