VAR-201608-0418
Vulnerability from variot - Updated: 2022-05-17 02:10The programmable controller (PLC) is developed on the basis of relay control and computer control, and gradually developed into a new microprocessor-based, integrated computer technology, automatic control technology and communication technology. Industrial automatic control device. Medium-sized PLC S7-300 and large-scale PLC The S7-400 is a Siemens product that can be used to form MPI, PROFIBUS and Industrial Ethernet. There is a remote control vulnerability in the Siemens 300/400 series PLC. The attacker can use the Siemens PLC to perform TCP communication through port 102. This script can remotely control the start and stop of the PLC by sending a specific message to port 102 of the PLC. The SiemensS7300/400PLC is a modular universal controller for the manufacturing industry from Siemens. The SiemensS7300/400PLC has permission to bypass the shutdown vulnerability. If the recovery requires manual restart of the PLC, no permission problems are encountered during the process
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201608-0418",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "s7-300/400 plc",
"scope": null,
"trust": 1.2,
"vendor": "siemens",
"version": null
},
{
"model": "s7-300/400 plc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "d736e467-e11a-43b6-ac1d-b6dd8ee7c78d"
},
{
"db": "IVD",
"id": "e2e48a0f-39ab-11e9-b679-000c29342cb1"
},
{
"db": "IVD",
"id": "d7364d14-b977-40e3-a6b0-e5fc7a82ebbf"
},
{
"db": "CNVD",
"id": "CNVD-2017-26804"
},
{
"db": "CNVD",
"id": "CNVD-2016-05901"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-26804",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-05901",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "d736e467-e11a-43b6-ac1d-b6dd8ee7c78d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e2e48a0f-39ab-11e9-b679-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "d7364d14-b977-40e3-a6b0-e5fc7a82ebbf",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2017-26804",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-05901",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "d736e467-e11a-43b6-ac1d-b6dd8ee7c78d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e2e48a0f-39ab-11e9-b679-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "d7364d14-b977-40e3-a6b0-e5fc7a82ebbf",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "d736e467-e11a-43b6-ac1d-b6dd8ee7c78d"
},
{
"db": "IVD",
"id": "e2e48a0f-39ab-11e9-b679-000c29342cb1"
},
{
"db": "IVD",
"id": "d7364d14-b977-40e3-a6b0-e5fc7a82ebbf"
},
{
"db": "CNVD",
"id": "CNVD-2017-26804"
},
{
"db": "CNVD",
"id": "CNVD-2016-05901"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The programmable controller (PLC) is developed on the basis of relay control and computer control, and gradually developed into a new microprocessor-based, integrated computer technology, automatic control technology and communication technology. Industrial automatic control device. Medium-sized PLC S7-300 and large-scale PLC The S7-400 is a Siemens product that can be used to form MPI, PROFIBUS and Industrial Ethernet. There is a remote control vulnerability in the Siemens 300/400 series PLC. The attacker can use the Siemens PLC to perform TCP communication through port 102. This script can remotely control the start and stop of the PLC by sending a specific message to port 102 of the PLC. The SiemensS7300/400PLC is a modular universal controller for the manufacturing industry from Siemens. The SiemensS7300/400PLC has permission to bypass the shutdown vulnerability. If the recovery requires manual restart of the PLC, no permission problems are encountered during the process",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-26804"
},
{
"db": "CNVD",
"id": "CNVD-2016-05901"
},
{
"db": "IVD",
"id": "d736e467-e11a-43b6-ac1d-b6dd8ee7c78d"
},
{
"db": "IVD",
"id": "e2e48a0f-39ab-11e9-b679-000c29342cb1"
},
{
"db": "IVD",
"id": "d7364d14-b977-40e3-a6b0-e5fc7a82ebbf"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "ICS CERT ALERT",
"id": "ICS-ALERT-11-186-01",
"trust": 1.2
},
{
"db": "CNVD",
"id": "CNVD-2017-26804",
"trust": 1.0
},
{
"db": "CNVD",
"id": "CNVD-2016-05901",
"trust": 0.8
},
{
"db": "IVD",
"id": "D736E467-E11A-43B6-AC1D-B6DD8EE7C78D",
"trust": 0.2
},
{
"db": "IVD",
"id": "E2E48A0F-39AB-11E9-B679-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "D7364D14-B977-40E3-A6B0-E5FC7A82EBBF",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "d736e467-e11a-43b6-ac1d-b6dd8ee7c78d"
},
{
"db": "IVD",
"id": "e2e48a0f-39ab-11e9-b679-000c29342cb1"
},
{
"db": "IVD",
"id": "d7364d14-b977-40e3-a6b0-e5fc7a82ebbf"
},
{
"db": "CNVD",
"id": "CNVD-2017-26804"
},
{
"db": "CNVD",
"id": "CNVD-2016-05901"
}
]
},
"id": "VAR-201608-0418",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "d736e467-e11a-43b6-ac1d-b6dd8ee7c78d"
},
{
"db": "IVD",
"id": "e2e48a0f-39ab-11e9-b679-000c29342cb1"
},
{
"db": "IVD",
"id": "d7364d14-b977-40e3-a6b0-e5fc7a82ebbf"
},
{
"db": "CNVD",
"id": "CNVD-2017-26804"
},
{
"db": "CNVD",
"id": "CNVD-2016-05901"
}
],
"trust": 2.7375
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.2
},
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "IVD",
"id": "d736e467-e11a-43b6-ac1d-b6dd8ee7c78d"
},
{
"db": "IVD",
"id": "e2e48a0f-39ab-11e9-b679-000c29342cb1"
},
{
"db": "IVD",
"id": "d7364d14-b977-40e3-a6b0-e5fc7a82ebbf"
},
{
"db": "CNVD",
"id": "CNVD-2017-26804"
},
{
"db": "CNVD",
"id": "CNVD-2016-05901"
}
]
},
"last_update_date": "2022-05-17T02:10:35.273000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Remote Control Vulnerability in Siemens 300/400 Series PLC",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/116371"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-26804"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.2,
"url": "https://ics-cert.us-cert.gov/alerts/ics-alert-11-186-01"
},
{
"trust": 0.6,
"url": "https://support.industry.siemens.com/cs/document/51401544/potential-password-security-weakness-in-simatic-controllers?dti=0\u0026lc=en-ww"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-26804"
},
{
"db": "CNVD",
"id": "CNVD-2016-05901"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "d736e467-e11a-43b6-ac1d-b6dd8ee7c78d"
},
{
"db": "IVD",
"id": "e2e48a0f-39ab-11e9-b679-000c29342cb1"
},
{
"db": "IVD",
"id": "d7364d14-b977-40e3-a6b0-e5fc7a82ebbf"
},
{
"db": "CNVD",
"id": "CNVD-2017-26804"
},
{
"db": "CNVD",
"id": "CNVD-2016-05901"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-15T00:00:00",
"db": "IVD",
"id": "d736e467-e11a-43b6-ac1d-b6dd8ee7c78d"
},
{
"date": "2017-09-15T00:00:00",
"db": "IVD",
"id": "e2e48a0f-39ab-11e9-b679-000c29342cb1"
},
{
"date": "2016-08-03T00:00:00",
"db": "IVD",
"id": "d7364d14-b977-40e3-a6b0-e5fc7a82ebbf"
},
{
"date": "2018-03-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-26804"
},
{
"date": "2016-06-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-05901"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-26804"
},
{
"date": "2016-08-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-05901"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens 300/400 series PLC Remote control vulnerability",
"sources": [
{
"db": "IVD",
"id": "d736e467-e11a-43b6-ac1d-b6dd8ee7c78d"
},
{
"db": "IVD",
"id": "e2e48a0f-39ab-11e9-b679-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2017-26804"
}
],
"trust": 1.0
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Control error",
"sources": [
{
"db": "IVD",
"id": "d736e467-e11a-43b6-ac1d-b6dd8ee7c78d"
},
{
"db": "IVD",
"id": "e2e48a0f-39ab-11e9-b679-000c29342cb1"
}
],
"trust": 0.4
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…