Detections
Analytics
Siemens SICAM A8000 CP Command Injection (CVE-2023-42797)
high Tenable OT Security Plugin ID 501888
Synopsis
The remote OT asset is affected by a vulnerability.Description
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.20), CP-8050 MASTER MODULE (All versions < CPCI85 V05.20). The network configuration service of affected devices contains a flaw in the conversion of ipv4 addresses that could lead to an uninitialized variable being used in succeeding validation steps.By uploading specially crafted network configuration, an authenticated remote attacker could be able to inject commands that are executed on the device with root privileges during device startup.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.See Also
https://cert-portal.siemens.com/productcert/pdf/ssa-583634.pdf
Plugin Details
Severity: High
ID: 501888
Version: 1.2
Type: remote
Family: Tenable.ot
Published: 1/16/2024
Updated: 2/21/2024
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 8.3
Temporal Score: 6.1
Vector: CVSS2#AV:N/AC:L/Au:M/C:C/I:C/A:C
CVSS Score Source: CVE-2023-42797
CVSS v3
Risk Factor: High
Base Score: 7.2
Temporal Score: 6.3
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:siemens:sicam_a8000_cp-8050_firmware
Required KB Items: Tenable.ot/Siemens
Exploit Ease: No known exploits are available
Patch Publication Date: 1/9/2024
Vulnerability Publication Date: 1/9/2024
Reference Information
CVE: CVE-2023-42797
CWE: 908