Detections
Analytics

Siemens SIPROTEC 5 Devices Improper Input Validation (CVE-2021-41769)

high Tenable OT Security Plugin ID 500843

Synopsis

The remote OT asset is affected by a vulnerability.

Description

A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MU85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7KE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SA86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SA87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SD87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ81 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SJ85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SJ86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SK82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SK85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7SL86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SL87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SS85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7ST85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7SX85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UM85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT82 devices (CPU variant CP100) (All versions < V8.83), SIPROTEC 5 7UT85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7UT87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VE85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 7VK87 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 Compact 7SX800 devices (CPU variant CP050) (All versions < V8.83). An improper input validation vulnerability in the web server could allow an unauthenticated user to access device information.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Siemens recommends updating to v8.83 or later versions

Siemens strongly recommends applying the provided security updates using the corresponding tooling and documented procedures made available with the product. If supported by the product, an automated means to apply the security updates across multiple product instances may be used. Siemens strongly recommends prior validation of any security update, and supervision by trained staff of the update process in the target environment.

As a general security measure Siemens strongly recommends protecting network access with appropriate mechanisms (e.g., firewalls, segmentation, VPN). Siemens also encourages users to configure the environment according to Siemens operational guidelines for industrial security in order to run the devices in a protected IT environment.

Siemens also recommends following security guidelines for Digital Grid Products.

For additional information, please refer to Siemens Security Advisory SSA-439673

See Also

https://cert-portal.siemens.com/productcert/pdf/ssa-439673.pdf

https://www.cisa.gov/news-events/ics-advisories/icsa-22-013-04

Plugin Details

Severity: High

ID: 500843

Version: 1.5

Type: remote

Family: Tenable.ot

Published: 2/28/2023

Updated: 9/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2021-41769

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:siemens:7sa87_firmware, cpe:/o:siemens:7sj86_firmware, cpe:/o:siemens:7sl86_firmware, cpe:/o:siemens:7ut87_firmware, cpe:/o:siemens:7sl82_firmware, cpe:/o:siemens:7sk85_firmware, cpe:/o:siemens:6md89_firmware, cpe:/o:siemens:7sd86_firmware, cpe:/o:siemens:7ut86_firmware, cpe:/o:siemens:7sa82_firmware, cpe:/o:siemens:7ke85_firmware, cpe:/o:siemens:7sd87_firmware, cpe:/o:siemens:6mu85_firmware, cpe:/o:siemens:6md85_firmware, cpe:/o:siemens:7st85_firmware, cpe:/o:siemens:7sl87_firmware, cpe:/o:siemens:7sd82_firmware, cpe:/o:siemens:7sa86_firmware, cpe:/o:siemens:6md86_firmware, cpe:/o:siemens:7ve85_firmware, cpe:/o:siemens:7sk82_firmware, cpe:/o:siemens:7ut82_firmware, cpe:/o:siemens:7sj85_firmware, cpe:/o:siemens:7um85_firmware, cpe:/o:siemens:7vk87_firmware, cpe:/o:siemens:7sj82_firmware, cpe:/o:siemens:7ut85_firmware, cpe:/o:siemens:7ss85_firmware

Required KB Items: Tenable.ot/Siemens

Exploit Ease: No known exploits are available

Patch Publication Date: 1/11/2022

Vulnerability Publication Date: 1/11/2022

Reference Information

CVE: CVE-2021-41769

CWE: 20

ICSA: 22-013-04