CVE-2023-29104 — Path Traversal in Siemens Simatic Cloud Connect 7 Cc712

CWE-22 — Path Traversal5 documents4 sources

Severity

7.6HIGHNVD

CNA6.0

EPSS

0.7%

top 28.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Simatic Cloud Connect 7 Cc712 Siemens Simatic Cloud Connect 7 Cc716 Siemens 6gk1411-1ac00 Firmware +1 more

Timeline

PublishedMay 9

Description

A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 = V2.0 < V2.1). The filename in the upload feature of the web based management of the affected device is susceptible to a path traversal vulnerability. This could allow an authenticated privileged remote attacker to overwrite any file the Linux user `ccuser` has write access to, or to download any file the Linux user `ccuser` has read-only access to.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:HExploitability: 2.8 | Impact: 4.7

Affected Packages4 packages

▶CVEListV5siemens/simatic_cloud_connect_7_cc712All versions >= V2.0 < V2.1

▶CVEListV5siemens/simatic_cloud_connect_7_cc716All versions >= V2.0 < V2.1

▶NVDsiemens/6gk1411-1ac00_firmware2.0

▶NVDsiemens/6gk1411-5ac00_firmware2.0

Patches

Patch: cert-portal.siemens.com ↗Patch: cert-portal.siemens.com ↗

🔴Vulnerability Details

GHSA

GHSA-phr4-r5wx-xcf6: A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2↗2023-05-09

▶

CVEList

CVE-2023-29104: A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2↗2023-05-09

▶