CVE-2021-37172 — Improper Authentication in Siemens Simatic Step 7

CWE-287 — Improper Authentication3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.2%

top 59.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Simatic Step 7 Siemens Simatic S7-1200 CPU Family Siemens Simatic S7-1200 CPU Firmware

Timeline

PublishedAug 10

Latest updateMay 24

Description

A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (V4.5.0). Affected devices fail to authenticate against configured passwords when provisioned using TIA Portal V13. This could allow an attacker using TIA Portal V13 or later versions to bypass authentication and download arbitrary programs to the PLC. The vulnerability does not occur when TIA Portal V13 SP1 or any later version was used to provision the device.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶CVEListV5siemens/simatic_s7-1200_cpu_familyV4.5.0

▶NVDsiemens/simatic_s7-1200_cpu_firmware4.5.0

▶NVDsiemens/simatic_step_713.0

Patches

Patch: cert-portal.siemens.com ↗Patch: cert-portal.siemens.com ↗

🔴Vulnerability Details

GHSA

GHSA-jx4h-7jg8-gqhf: A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl↗2022-05-24

▶

CVEList

CVE-2021-37172: A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl↗2021-08-10

▶