SecuriTricks - CVE-2024-35783

Description

A vulnerability has been identified in SIMATIC BATCH V9.1 (All versions), SIMATIC Information Server 2020 (All versions), SIMATIC Information Server 2022 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC06), SIMATIC Process Historian 2020 (All versions), SIMATIC Process Historian 2022 (All versions), SIMATIC WinCC Runtime Professional V18 (All versions), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 3), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 18), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5). The affected products run their DB server with elevated privileges which could allow an authenticated attacker to execute arbitrary OS commands with administrative privileges.

Product(s) Impacted

Product	Versions
SIMATIC PCS 7	['9.1']
SIMATIC BATCH	['9.1']
SIMATIC Information Server	['2020', '2022']
SIMATIC Process Historian	['2020', '2022']
SIMATIC WinCC Runtime Professional	['18', '19']
SIMATIC WinCC	['7.4', '7.5', '8.0']

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-250

Execution with Unnecessary Privileges

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

References

https://cert-portal.siemens.com/productcert/html/ssa-629254.html

CVSS Score

9.1 / 10

CVSS Data - 3.1

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: HIGH
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

View Vector String

Timeline

Published: Sept. 10, 2024, 10:15 a.m.
Last Modified: Oct. 8, 2024, 9:15 a.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

productcert@siemens.com

CVE-2024-35783