https://cert-portal.siemens.com/productcert/pdf/ssa-838121.pdf
https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-01
Severity: High
ID: 500616
Version: 1.10
Type: remote
Family: Tenable.ot
Published: 3/21/2022
Updated: 9/4/2024
Supported Sensors: Tenable OT Security
Risk Factor: Low
Score: 3.6
Risk Factor: High
Base Score: 7.1
Temporal Score: 5.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C
CVSS Score Source: CVE-2021-37205
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CPE: cpe:/o:siemens:simatic_s7-1200_cpu_1215c_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1511c-1_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1512sp-1_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1518f-4_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1512c-1_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1510sp_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1516pro-2_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1517-3_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1517f-3_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1513f-1_firmware, cpe:/o:siemens:simatic_s7-1200_cpu_1212c_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1518hf-4_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1518t-4_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1512spf-1_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1511tf-1_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1513-1_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_cpu_1513pro-2_firmware, cpe:/o:siemens:simatic_s7-1200_cpu_1211c_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1518tf-4_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1510sp-1_firmware, cpe:/o:siemens:simatic_s7-1200_cpu_1214c_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1511-1_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1517tf-3_firmware, cpe:/o:siemens:simatic_s7-1200_cpu_1215fc_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1515-2_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1515f-2_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1513r-1_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1516-3_firmware, cpe:/o:siemens:simatic_s7-1200_cpu_1214fc_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1516t-3_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1515r-2_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1511t-1_firmware, cpe:/o:siemens:simatic_drive_controller_cpu_1504d_tf_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1516f-3_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_cpu_1513prof-2_firmware, cpe:/o:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc2_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1518-4_firmware, cpe:/o:siemens:simatic_s7-1200_cpu_1212fc_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1511f-1_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1516tf-3_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1516pro_f_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1515t-2_firmware, cpe:/o:siemens:simatic_drive_controller_cpu_1507d_tf_firmware, cpe:/o:siemens:simatic_s7-1500_cpu_1515tf-2_firmware, cpe:/o:siemens:simatic_s7-1200_cpu_1217c_firmware
Required KB Items: Tenable.ot/Siemens
Exploit Ease: No known exploits are available
Patch Publication Date: 2/9/2022
Vulnerability Publication Date: 2/9/2022
CVE: CVE-2021-37205
CWE: 401
ICSA: 22-041-01