阿里云漏洞库

漏洞描述

A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions), SIMATIC S7 PLCSIM Advanced (All versions > V2 < V4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (Version V4.4), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions > V2.5 < V2.9.2), SIMATIC S7-1500 Software Controller (All versions > V2.5), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once.

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
https://cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	系统	siemens	cpu1510sp_f-1_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1211c_firmware	4.4	-
	运行在以下环境
	系统	siemens	cpu_1212c_firmware	4.4	-
	运行在以下环境
	系统	siemens	cpu_1212fc_firmware	4.4	-
	运行在以下环境
	系统	siemens	cpu_1214c_firmware	4.4	-
	运行在以下环境
	系统	siemens	cpu_1214fc_firmware	4.4	-
	运行在以下环境
	系统	siemens	cpu_1215c_firmware	4.4	-
	运行在以下环境
	系统	siemens	cpu_1215fc_firmware	4.4	-
	运行在以下环境
	系统	siemens	cpu_1217c_firmware	4.4	-
	运行在以下环境
	系统	siemens	cpu_1504d_tf_firmware	*		Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1507d_tf_firmware	*		Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1510sp-1pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1511-1pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1511c-1_pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1511f-1pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1511t-1pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1511tf-1pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1512c-1_pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1512sp-1_pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1512sp_f-1_pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1513-1_pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1513f-1_pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1513pro_f-2_pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1513r-1_pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1515-2_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1515f-2_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1515r-2_pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1515sp_pc2_tf_firmware	*	-
	运行在以下环境
	系统	siemens	cpu_1515t-2_pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1515tf-2_pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
	系统	siemens	cpu_1516-3_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
	运行在以下环境
系统	siemens	cpu_1516f-3_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2.
运行在以下环境
系统	siemens	cpu_1516pro-2_pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	cpu_1516pro_f-2_pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	cpu_1516t-3_pn/dp_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	cpu_1516tf-3_pn/dp_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	cpu_1517-3_pn/dp_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	cpu_1517f-3_pn/dp_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	cpu_1517t-3_pn/dp_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	cpu_1517tf-3_pn/dp_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	cpu_1518-4_pn/dp_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	cpu_1518f-4_pn/dp_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	simatic_s7_plcsim_advanced_firmware	*	From (including) 2.0	Up to (excluding) 4.0
运行在以下环境
系统	siemens	siplus_cpu-1516f-3_pn/dp_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	siplus_cpu_1510sp_f-1pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	siplus_cpu_1511-1_pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	siplus_cpu_1511f-1_pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	siplus_cpu_1512sp-1_pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	siplus_cpu_1512sp_f-1pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	siplus_cpu_1513-1_pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	siplus_cpu_1513f-1_pn_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	siplus_cpu_1516-3_pn/dp_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	siplus_cpu_1518-4_pn/dp_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	siplus_cpu_1518f-4_pn/dp_firmware	*	From (including) 2.5	Up to (excluding) 2.9.2
运行在以下环境
系统	siemens	tim_1531_irc_firmware	2.1	-
运行在以下环境
硬件	siemens	cpu1510sp_f-1	-	-
运行在以下环境
硬件	siemens	cpu_1211c	-	-
运行在以下环境
硬件	siemens	cpu_1212c	-	-
运行在以下环境
硬件	siemens	cpu_1212fc	-	-
运行在以下环境
硬件	siemens	cpu_1214c	-	-
运行在以下环境
硬件	siemens	cpu_1214fc	-	-
运行在以下环境
硬件	siemens	cpu_1215c	-	-
运行在以下环境
硬件	siemens	cpu_1215fc	-	-
运行在以下环境
硬件	siemens	cpu_1217c	-	-
运行在以下环境
硬件	siemens	cpu_1504d_tf	-	-
运行在以下环境
硬件	siemens	cpu_1507d_tf	-	-
运行在以下环境
硬件	siemens	cpu_1510sp-1pn	-	-
运行在以下环境
硬件	siemens	cpu_1511-1pn	-	-
运行在以下环境
硬件	siemens	cpu_1511c-1_pn	-	-
运行在以下环境
硬件	siemens	cpu_1511f-1pn	-	-
运行在以下环境
硬件	siemens	cpu_1511t-1pn	-	-
运行在以下环境
硬件	siemens	cpu_1511tf-1pn	-	-
运行在以下环境
硬件	siemens	cpu_1512c-1_pn	-	-
运行在以下环境
硬件	siemens	cpu_1512sp-1_pn	-	-
运行在以下环境
硬件	siemens	cpu_1512sp_f-1_pn	-	-
运行在以下环境
硬件	siemens	cpu_1513-1_pn	-	-
运行在以下环境
硬件	siemens	cpu_1513f-1_pn	-	-
运行在以下环境
硬件	siemens	cpu_1513pro_f-2_pn	-	-
运行在以下环境
硬件	siemens	cpu_1513r-1_pn	-	-
运行在以下环境
硬件	siemens	cpu_1515-2	-	-
运行在以下环境
硬件	siemens	cpu_1515f-2	-	-
运行在以下环境
硬件	siemens	cpu_1515r-2_pn	-	-
运行在以下环境
硬件	siemens	cpu_1515sp_pc2_tf	-	-
运行在以下环境
硬件	siemens	cpu_1515t-2_pn	-	-
运行在以下环境
硬件	siemens	cpu_1515tf-2_pn	-	-
运行在以下环境
硬件	siemens	cpu_1516-3	-	-
运行在以下环境
硬件	siemens	cpu_1516f-3	-	-
运行在以下环境
硬件	siemens	cpu_1516pro-2_pn	-	-
运行在以下环境
硬件	siemens	cpu_1516pro_f-2_pn	-	-
运行在以下环境
硬件	siemens	cpu_1516t-3_pn/dp	-	-
运行在以下环境
硬件	siemens	cpu_1516tf-3_pn/dp	-	-
运行在以下环境
硬件	siemens	cpu_1517-3_pn/dp	-	-
运行在以下环境
硬件	siemens	cpu_1517f-3_pn/dp	-	-
运行在以下环境
硬件	siemens	cpu_1517t-3_pn/dp	-	-
运行在以下环境
硬件	siemens	cpu_1517tf-3_pn/dp	-	-
运行在以下环境
硬件	siemens	cpu_1518-4_pn/dp	-	-
运行在以下环境
硬件	siemens	cpu_1518f-4_pn/dp	-	-
运行在以下环境
硬件	siemens	simatic_s7_plcsim_advanced	-	-
运行在以下环境
硬件	siemens	siplus_cpu-1516f-3_pn/dp	-	-
运行在以下环境
硬件	siemens	siplus_cpu_1510sp_f-1pn	-	-
运行在以下环境
硬件	siemens	siplus_cpu_1511-1_pn	-	-
运行在以下环境
硬件	siemens	siplus_cpu_1511f-1_pn	-	-
运行在以下环境
硬件	siemens	siplus_cpu_1512sp-1_pn	-	-
运行在以下环境
硬件	siemens	siplus_cpu_1512sp_f-1pn	-	-
运行在以下环境
硬件	siemens	siplus_cpu_1513-1_pn	-	-
运行在以下环境
硬件	siemens	siplus_cpu_1513f-1_pn	-	-
运行在以下环境
硬件	siemens	siplus_cpu_1516-3_pn/dp	-	-
运行在以下环境
硬件	siemens	siplus_cpu_1518-4_pn/dp	-	-
运行在以下环境
硬件	siemens	siplus_cpu_1518f-4_pn/dp	-	-
运行在以下环境
硬件	siemens	tim_1531_irc	-	-

攻击路径

网络
攻击复杂度

低
权限要求

无
影响范围

未更改
用户交互

无
可用性

无
保密性

低
完整性

无

CWE-ID	漏洞类型
CWE-863	授权机制不正确

siemens cpu_1504d_tf_firmware 授权机制不正确

漏洞描述

解决建议

参考链接

受影响软件情况