CVE-2020-28397
Severity
5.3 MEDIUM
EPSS
0.2%
top 59.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published Aug 10
Latest update May 24
Description
A vulnerability has been identified in SIMATIC Drive Controller family (All versions V2 V2.5 V2.5 < V21.9), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 3.9 | Impact: 1.4
Affected Packages
63 packages
CVEListV5 siemens/simatic_et_200sp_open_controller_cpu_1515sp_pc2_(incl._siplus_variants) All versions < V21.9
CVEListV5 siemens/simatic_s7-1500_cpu_family_(incl._related_et200_cpus_and_siplus_variants) All versions > V2.5 < V2.9.2