SSA-654798
Vulnerability from csaf_siemens
Published
2024-11-12 00:00
Modified
2024-11-12 00:00
Summary
SSA-654798: Incorrect Authorization Vulnerability in SIMATIC CP 1543-1 Devices

Notes

Summary
SIMATIC CP 1543-1 devices contain an Incorrect Authorization vulnerability that could allow an unauthenticated attacker to gain access to the filesystem. Siemens has released a new version for SIMATIC CP 1543-1 V4.0 and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.


To clipboard 

{
   document: {
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
         tlp: {
            label: "WHITE",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "SIMATIC CP 1543-1 devices contain an Incorrect Authorization vulnerability that could allow an unauthenticated attacker to gain access to the filesystem.\n\nSiemens has released a new version for SIMATIC CP 1543-1 V4.0 and recommends to update to the latest version.",
            title: "Summary",
         },
         {
            category: "general",
            text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
            title: "General Recommendations",
         },
         {
            category: "general",
            text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
            title: "Additional Resources",
         },
         {
            category: "legal_disclaimer",
            text: "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
            title: "Terms of Use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "productcert@siemens.com",
         name: "Siemens ProductCERT",
         namespace: "https://www.siemens.com",
      },
      references: [
         {
            category: "self",
            summary: "SSA-654798: Incorrect Authorization Vulnerability in SIMATIC CP 1543-1 Devices - HTML Version",
            url: "https://cert-portal.siemens.com/productcert/html/ssa-654798.html",
         },
         {
            category: "self",
            summary: "SSA-654798: Incorrect Authorization Vulnerability in SIMATIC CP 1543-1 Devices - CSAF Version",
            url: "https://cert-portal.siemens.com/productcert/csaf/ssa-654798.json",
         },
      ],
      title: "SSA-654798: Incorrect Authorization Vulnerability in SIMATIC CP 1543-1 Devices",
      tracking: {
         current_release_date: "2024-11-12T00:00:00Z",
         generator: {
            engine: {
               name: "Siemens ProductCERT CSAF Generator",
               version: "1",
            },
         },
         id: "SSA-654798",
         initial_release_date: "2024-11-12T00:00:00Z",
         revision_history: [
            {
               date: "2024-11-12T00:00:00Z",
               legacy_version: "1.0",
               number: "1",
               summary: "Publication Date",
            },
         ],
         status: "interim",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "vers:all/>=V4.0.44|<V4.0.50",
                        product: {
                           name: "SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0)",
                           product_id: "1",
                           product_identification_helper: {
                              model_numbers: [
                                 "6GK7543-1AX10-0XE0",
                              ],
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0)",
               },
            ],
            category: "vendor",
            name: "Siemens",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2024-50310",
         cwe: {
            id: "CWE-863",
            name: "Incorrect Authorization",
         },
         notes: [
            {
               category: "summary",
               text: "Affected devices do not properly handle authorization. This could allow an unauthenticated remote attacker to gain access to the filesystem.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "1",
            ],
         },
         remediations: [
            {
               category: "mitigation",
               details: "Restrict access to port 8448/tcp to trusted systems only",
               product_ids: [
                  "1",
               ],
            },
            {
               category: "vendor_fix",
               details: "Update to V4.0.50 or later version",
               product_ids: [
                  "1",
               ],
               url: "https://support.industry.siemens.com/cs/ww/en/view/109976120/",
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "1",
               ],
            },
         ],
         title: "CVE-2024-50310",
      },
   ],
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.