cvelistv5 - cve-2021-32499

cve-2021-32499

Vulnerability from cvelistv5

Published

2021-12-17 16:10

Modified

2024-08-03 23:17

Severity ?

Summary

SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to pass in any value to the Emulator executable.

References

▼	URL	Tags
	psirt@sick.de	https://sick.com/psirt#advisories	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sick.com/psirt#advisories	Patch, Vendor Advisory

Impacted products

	Vendor	Product	Version
	n/a	SICK SOPAS ET	Version: all versions before 4.8.0

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T23:17:29.576Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://sick.com/psirt#advisories",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "SICK SOPAS ET",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "all versions before 4.8.0",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to pass in any value to the Emulator executable.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Acceptance of Extraneous Untrusted Data With Trusted Data",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-12-17T16:10:01",
            orgId: "a6863dd2-93fc-443d-bef1-79f0b5020988",
            shortName: "SICK AG",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://sick.com/psirt#advisories",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@sick.de",
               ID: "CVE-2021-32499",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "SICK SOPAS ET",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "all versions before 4.8.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to pass in any value to the Emulator executable.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Acceptance of Extraneous Untrusted Data With Trusted Data",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://sick.com/psirt#advisories",
                     refsource: "MISC",
                     url: "https://sick.com/psirt#advisories",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "a6863dd2-93fc-443d-bef1-79f0b5020988",
      assignerShortName: "SICK AG",
      cveId: "CVE-2021-32499",
      datePublished: "2021-12-17T16:10:01",
      dateReserved: "2021-05-10T00:00:00",
      dateUpdated: "2024-08-03T23:17:29.576Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2021-32499\",\"sourceIdentifier\":\"psirt@sick.de\",\"published\":\"2021-12-17T17:15:12.747\",\"lastModified\":\"2024-11-21T06:07:09.393\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to pass in any value to the Emulator executable.\"},{\"lang\":\"es\",\"value\":\"SICK SOPAS ET versiones anteriores a 4.8.0, permite a atacantes manipular los argumentos de la línea de comandos para pasar cualquier valor al ejecutable del emulador\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-74\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sick:sopas_engineering_tool:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.8.0\",\"matchCriteriaId\":\"38898887-C58A-45D2-A40B-538F999C4C18\"}]}]}],\"references\":[{\"url\":\"https://sick.com/psirt#advisories\",\"source\":\"psirt@sick.de\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://sick.com/psirt#advisories\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
   },
}

sca-2021-0004

Vulnerability from csaf_sick

Published

2021-12-16 08:00

Modified

2021-12-17 08:00

Summary

Vulnerabilities in SICK SOPAS ET

Notes

General Security Measures

As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.

Vulnerability Classification

SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer’s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.

SICK received a report from Eden Bar of Claroty about multiple security vulnerabilities in the SICK SOPAS ET software. An unauthorized attacker could potentially craft a malicious SOPAS Device Driver (SDD) file, that if a user imports that file to SOPAS ET could allow arbitrary code execution on the target system. Currently SICK is not aware of any public exploits specifically targeting any of the vulnerabilities. SICK has released a new version of the SICK SOPAS ET software and recommends updating to the newest version.

JSON

To clipboard

{
   document: {
      acknowledgments: [
         {
            names: [
               "Eden Bar",
            ],
            organization: "Claroty",
         },
      ],
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en-US",
      notes: [
         {
            category: "general",
            text: "As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.",
            title: "General Security Measures",
         },
         {
            category: "general",
            text: "SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer’s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.",
            title: "Vulnerability Classification",
         },
         {
            category: "summary",
            text: "SICK received a report from Eden Bar of Claroty about multiple security vulnerabilities in the SICK SOPAS ET software.\n\nAn unauthorized attacker could potentially craft a malicious SOPAS Device Driver (SDD) file, that if a user imports that file to SOPAS ET could allow arbitrary code execution on the target system.\n\nCurrently SICK is not aware of any public exploits specifically targeting any of the vulnerabilities. SICK has released a new version of the SICK SOPAS ET software and recommends updating to the newest version.",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "psirt@sick.de",
         issuing_authority: "SICK PSIRT is responsible for any vulnerabilities related to SICK products.",
         name: "SICK PSIRT",
         namespace: "https://sick.com/psirt",
      },
      references: [
         {
            summary: "SICK PSIRT Security Advisories",
            url: "https://sick.com/psirt",
         },
         {
            summary: "SICK Operating Guidelines",
            url: "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF",
         },
         {
            summary: "ICS-CERT recommended practices on Industrial Security",
            url: "http://ics-cert.us-cert.gov/content/recommended-practices",
         },
         {
            summary: "CVSS v3.1 Calculator",
            url: "https://www.first.org/cvss/calculator/3.1",
         },
         {
            category: "self",
            summary: "The canonical URL.",
            url: "https://www.sick.com/.well-known/csaf/white/2021/sca-2021-0004.json",
         },
      ],
      title: "Vulnerabilities in SICK SOPAS ET",
      tracking: {
         current_release_date: "2021-12-17T08:00:00.000Z",
         generator: {
            date: "2023-02-10T07:46:51.595Z",
            engine: {
               name: "Secvisogram",
               version: "2.0.0",
            },
         },
         id: "SCA-2021-0004",
         initial_release_date: "2021-12-16T08:00:00.000Z",
         revision_history: [
            {
               date: "2021-12-17T08:00:00.000Z",
               number: "1",
               summary: "Initial Release",
            },
            {
               date: "2023-02-10T11:00:00.000Z",
               number: "2",
               summary: "Updated Advisory (only visual changes)",
            },
         ],
         status: "final",
         version: "2",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<2021.4(4.8.0)",
                        product: {
                           name: "SICK SOPAS Engineering Tool <2021.4 (4.8.0)",
                           product_id: "CSAFPID-0001",
                           product_identification_helper: {
                              x_generic_uris: [
                                 {
                                    namespace: "SICK:Website",
                                    uri: "SICK:Website:https://www.sick.com/de/de/p/p367244",
                                 },
                              ],
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "4.8.0",
                        product: {
                           name: "SICK SOPAS Engineering Tool 4.8.0",
                           product_id: "CSAFPID-0002",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SOPAS Engineering Tool",
               },
            ],
            category: "vendor",
            name: "SICK AG",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2021-32497",
         cwe: {
            id: "CWE-829",
            name: "Inclusion of Functionality from Untrusted Control Sphere",
         },
         notes: [
            {
               category: "summary",
               text: "SDD files might contain an executable file that will be listed as the Emulators inside SOPAS ET. When \na user starts the emulator, the executable is run without further checks. Attackers could wrap any \nexecutable file into an SDD and provide this to a SOPAS ET user. When installing the SDD the user \nmay not be aware about the executable inside of the SDD.",
               title: "Summary",
            },
         ],
         product_status: {
            fixed: [
               "CSAFPID-0002",
            ],
            known_affected: [
               "CSAFPID-0001",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE Entry",
               url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32497",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "Update to at least version 4.8.0",
               product_ids: [
                  "CSAFPID-0001",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-0001",
               ],
            },
         ],
      },
      {
         cve: "CVE-2021-32498",
         cwe: {
            id: "CWE-22",
            name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
         },
         notes: [
            {
               category: "summary",
               text: "When an SDD contains an emulator, the emulator location is part of the SDD manifest. Attackers could manipulate this location and use path traversal to target an arbitrary executable located on the host system. When the user starts the emulator from SOPAS ET, the corresponding executable will be started instead of the emulator.",
            },
         ],
         product_status: {
            fixed: [
               "CSAFPID-0002",
            ],
            known_affected: [
               "CSAFPID-0001",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE Entry",
               url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32498",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "Update to at least version 4.8.0",
               product_ids: [
                  "CSAFPID-0001",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-0001",
               ],
            },
         ],
      },
      {
         cve: "CVE-2021-32499",
         cwe: {
            id: "CWE-349",
            name: "Acceptance of Extraneous Untrusted Data With Trusted Data",
         },
         notes: [
            {
               category: "summary",
               text: "The command line arguments that are passed to an emulator when starting it via SOPAS ET, are part \nof the SDD manifest. Attackers could manipulate the arguments to pass in any value to the \nexecutable. In combination with CVE-2021-32498 the attacker could target an arbitrary executable \nwith any arguments on the host system.\n",
            },
         ],
         product_status: {
            fixed: [
               "CSAFPID-0002",
            ],
            known_affected: [
               "CSAFPID-0001",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE Entry",
               url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32499",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "Update to at least version 4.8.0",
               product_ids: [
                  "CSAFPID-0001",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-0001",
               ],
            },
         ],
      },
   ],
}

SCA-2021-0004

Vulnerability from csaf_sick

Published

2021-12-16 08:00

Modified

2021-12-17 08:00

Summary

Vulnerabilities in SICK SOPAS ET

Notes

General Security Measures

Vulnerability Classification

JSON

To clipboard

{
   document: {
      acknowledgments: [
         {
            names: [
               "Eden Bar",
            ],
            organization: "Claroty",
         },
      ],
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en-US",
      notes: [
         {
            category: "general",
            text: "As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.",
            title: "General Security Measures",
         },
         {
            category: "general",
            text: "SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer’s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.",
            title: "Vulnerability Classification",
         },
         {
            category: "summary",
            text: "SICK received a report from Eden Bar of Claroty about multiple security vulnerabilities in the SICK SOPAS ET software.\n\nAn unauthorized attacker could potentially craft a malicious SOPAS Device Driver (SDD) file, that if a user imports that file to SOPAS ET could allow arbitrary code execution on the target system.\n\nCurrently SICK is not aware of any public exploits specifically targeting any of the vulnerabilities. SICK has released a new version of the SICK SOPAS ET software and recommends updating to the newest version.",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "psirt@sick.de",
         issuing_authority: "SICK PSIRT is responsible for any vulnerabilities related to SICK products.",
         name: "SICK PSIRT",
         namespace: "https://sick.com/psirt",
      },
      references: [
         {
            summary: "SICK PSIRT Security Advisories",
            url: "https://sick.com/psirt",
         },
         {
            summary: "SICK Operating Guidelines",
            url: "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF",
         },
         {
            summary: "ICS-CERT recommended practices on Industrial Security",
            url: "http://ics-cert.us-cert.gov/content/recommended-practices",
         },
         {
            summary: "CVSS v3.1 Calculator",
            url: "https://www.first.org/cvss/calculator/3.1",
         },
         {
            category: "self",
            summary: "The canonical URL.",
            url: "https://www.sick.com/.well-known/csaf/white/2021/sca-2021-0004.json",
         },
      ],
      title: "Vulnerabilities in SICK SOPAS ET",
      tracking: {
         current_release_date: "2021-12-17T08:00:00.000Z",
         generator: {
            date: "2023-02-10T07:46:51.595Z",
            engine: {
               name: "Secvisogram",
               version: "2.0.0",
            },
         },
         id: "SCA-2021-0004",
         initial_release_date: "2021-12-16T08:00:00.000Z",
         revision_history: [
            {
               date: "2021-12-17T08:00:00.000Z",
               number: "1",
               summary: "Initial Release",
            },
            {
               date: "2023-02-10T11:00:00.000Z",
               number: "2",
               summary: "Updated Advisory (only visual changes)",
            },
         ],
         status: "final",
         version: "2",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<2021.4(4.8.0)",
                        product: {
                           name: "SICK SOPAS Engineering Tool <2021.4 (4.8.0)",
                           product_id: "CSAFPID-0001",
                           product_identification_helper: {
                              x_generic_uris: [
                                 {
                                    namespace: "SICK:Website",
                                    uri: "SICK:Website:https://www.sick.com/de/de/p/p367244",
                                 },
                              ],
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "4.8.0",
                        product: {
                           name: "SICK SOPAS Engineering Tool 4.8.0",
                           product_id: "CSAFPID-0002",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SOPAS Engineering Tool",
               },
            ],
            category: "vendor",
            name: "SICK AG",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2021-32497",
         cwe: {
            id: "CWE-829",
            name: "Inclusion of Functionality from Untrusted Control Sphere",
         },
         notes: [
            {
               category: "summary",
               text: "SDD files might contain an executable file that will be listed as the Emulators inside SOPAS ET. When \na user starts the emulator, the executable is run without further checks. Attackers could wrap any \nexecutable file into an SDD and provide this to a SOPAS ET user. When installing the SDD the user \nmay not be aware about the executable inside of the SDD.",
               title: "Summary",
            },
         ],
         product_status: {
            fixed: [
               "CSAFPID-0002",
            ],
            known_affected: [
               "CSAFPID-0001",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE Entry",
               url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32497",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "Update to at least version 4.8.0",
               product_ids: [
                  "CSAFPID-0001",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-0001",
               ],
            },
         ],
      },
      {
         cve: "CVE-2021-32498",
         cwe: {
            id: "CWE-22",
            name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
         },
         notes: [
            {
               category: "summary",
               text: "When an SDD contains an emulator, the emulator location is part of the SDD manifest. Attackers could manipulate this location and use path traversal to target an arbitrary executable located on the host system. When the user starts the emulator from SOPAS ET, the corresponding executable will be started instead of the emulator.",
            },
         ],
         product_status: {
            fixed: [
               "CSAFPID-0002",
            ],
            known_affected: [
               "CSAFPID-0001",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE Entry",
               url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32498",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "Update to at least version 4.8.0",
               product_ids: [
                  "CSAFPID-0001",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-0001",
               ],
            },
         ],
      },
      {
         cve: "CVE-2021-32499",
         cwe: {
            id: "CWE-349",
            name: "Acceptance of Extraneous Untrusted Data With Trusted Data",
         },
         notes: [
            {
               category: "summary",
               text: "The command line arguments that are passed to an emulator when starting it via SOPAS ET, are part \nof the SDD manifest. Attackers could manipulate the arguments to pass in any value to the \nexecutable. In combination with CVE-2021-32498 the attacker could target an arbitrary executable \nwith any arguments on the host system.\n",
            },
         ],
         product_status: {
            fixed: [
               "CSAFPID-0002",
            ],
            known_affected: [
               "CSAFPID-0001",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE Entry",
               url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32499",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "Update to at least version 4.8.0",
               product_ids: [
                  "CSAFPID-0001",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-0001",
               ],
            },
         ],
      },
   ],
}

ghsa-v67w-c85h-9g7v

Vulnerability from github

Published

2021-12-18 00:00

Modified

2022-07-13 00:01

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to pass in any value to the Emulator executable.

Show details on source website

JSON

To clipboard

{
   affected: [],
   aliases: [
      "CVE-2021-32499",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-77",
      ],
      github_reviewed: false,
      github_reviewed_at: null,
      nvd_published_at: "2021-12-17T17:15:00Z",
      severity: "HIGH",
   },
   details: "SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to pass in any value to the Emulator executable.",
   id: "GHSA-v67w-c85h-9g7v",
   modified: "2022-07-13T00:01:25Z",
   published: "2021-12-18T00:00:49Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2021-32499",
      },
      {
         type: "WEB",
         url: "https://sick.com/psirt#advisories",
      },
   ],
   schema_version: "1.4.0",
   severity: [
      {
         score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
         type: "CVSS_V3",
      },
   ],
}

fkie_cve-2021-32499

Vulnerability from fkie_nvd

Published

2021-12-17 17:15

Modified

2024-11-21 06:07

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to pass in any value to the Emulator executable.

References

▼	URL	Tags
	psirt@sick.de	https://sick.com/psirt#advisories	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sick.com/psirt#advisories	Patch, Vendor Advisory

Impacted products

	Vendor	Product	Version
	sick	sopas_engineering_tool	*

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:sick:sopas_engineering_tool:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "38898887-C58A-45D2-A40B-538F999C4C18",
                     versionEndExcluding: "4.8.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to pass in any value to the Emulator executable.",
      },
      {
         lang: "es",
         value: "SICK SOPAS ET versiones anteriores a 4.8.0, permite a atacantes manipular los argumentos de la línea de comandos para pasar cualquier valor al ejecutable del emulador",
      },
   ],
   id: "CVE-2021-32499",
   lastModified: "2024-11-21T06:07:09.393",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-12-17T17:15:12.747",
   references: [
      {
         source: "psirt@sick.de",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://sick.com/psirt#advisories",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://sick.com/psirt#advisories",
      },
   ],
   sourceIdentifier: "psirt@sick.de",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-74",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

gsd-2021-32499

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to pass in any value to the Emulator executable.

Aliases

CVE-2021-32499

Aliases

CVE-2021-32499

JSON

To clipboard

{
   GSD: {
      alias: "CVE-2021-32499",
      description: "SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to pass in any value to the Emulator executable.",
      id: "GSD-2021-32499",
   },
   gsd: {
      metadata: {
         exploitCode: "unknown",
         remediation: "unknown",
         reportConfidence: "confirmed",
         type: "vulnerability",
      },
      osvSchema: {
         aliases: [
            "CVE-2021-32499",
         ],
         details: "SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to pass in any value to the Emulator executable.",
         id: "GSD-2021-32499",
         modified: "2023-12-13T01:23:08.746638Z",
         schema_version: "1.4.0",
      },
   },
   namespaces: {
      "cve.org": {
         CVE_data_meta: {
            ASSIGNER: "psirt@sick.de",
            ID: "CVE-2021-32499",
            STATE: "PUBLIC",
         },
         affects: {
            vendor: {
               vendor_data: [
                  {
                     product: {
                        product_data: [
                           {
                              product_name: "SICK SOPAS ET",
                              version: {
                                 version_data: [
                                    {
                                       version_value: "all versions before 4.8.0",
                                    },
                                 ],
                              },
                           },
                        ],
                     },
                     vendor_name: "n/a",
                  },
               ],
            },
         },
         data_format: "MITRE",
         data_type: "CVE",
         data_version: "4.0",
         description: {
            description_data: [
               {
                  lang: "eng",
                  value: "SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to pass in any value to the Emulator executable.",
               },
            ],
         },
         problemtype: {
            problemtype_data: [
               {
                  description: [
                     {
                        lang: "eng",
                        value: "Acceptance of Extraneous Untrusted Data With Trusted Data",
                     },
                  ],
               },
            ],
         },
         references: {
            reference_data: [
               {
                  name: "https://sick.com/psirt#advisories",
                  refsource: "MISC",
                  url: "https://sick.com/psirt#advisories",
               },
            ],
         },
      },
      "nvd.nist.gov": {
         configurations: {
            CVE_data_version: "4.0",
            nodes: [
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:sick:sopas_engineering_tool:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndExcluding: "4.8.0",
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
            ],
         },
         cve: {
            CVE_data_meta: {
               ASSIGNER: "psirt@sick.de",
               ID: "CVE-2021-32499",
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "en",
                     value: "SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to pass in any value to the Emulator executable.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "en",
                           value: "CWE-77",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://sick.com/psirt#advisories",
                     refsource: "MISC",
                     tags: [
                        "Patch",
                        "Vendor Advisory",
                     ],
                     url: "https://sick.com/psirt#advisories",
                  },
               ],
            },
         },
         impact: {
            baseMetricV2: {
               acInsufInfo: false,
               cvssV2: {
                  accessComplexity: "LOW",
                  accessVector: "NETWORK",
                  authentication: "NONE",
                  availabilityImpact: "NONE",
                  baseScore: 5,
                  confidentialityImpact: "NONE",
                  integrityImpact: "PARTIAL",
                  vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                  version: "2.0",
               },
               exploitabilityScore: 10,
               impactScore: 2.9,
               obtainAllPrivilege: false,
               obtainOtherPrivilege: false,
               obtainUserPrivilege: false,
               severity: "MEDIUM",
               userInteractionRequired: false,
            },
            baseMetricV3: {
               cvssV3: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               exploitabilityScore: 3.9,
               impactScore: 3.6,
            },
         },
         lastModifiedDate: "2021-12-27T18:49Z",
         publishedDate: "2021-12-17T17:15Z",
      },
   },
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2021-32499

Vulnerability from cvelistv5

sca-2021-0004

Vulnerability from csaf_sick

SCA-2021-0004

Vulnerability from csaf_sick

ghsa-v67w-c85h-9g7v

Vulnerability from github

fkie_cve-2021-32499

Vulnerability from fkie_nvd

gsd-2021-32499

Vulnerability from gsd

Tags

Sightings

Nomenclature