CVE-2016-7114

06.09.2016, 00:59

A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02; SIPROTEC 7SJ686 : All versions < V 4.87; SIPROTEC 7UT686 : All versions < V 4.02; SIPROTEC 7SD686 : All versions < V 4.05; SIPROTEC 7SJ66 : All versions < V 4.30. Attackers with network access to the device's web interface (port 80/tcp) could possibly circumvent authentication and perform certain administrative operations. A legitimate user must be logged into the web interface for the attack to be successful.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	8.8 HIGH	NETWORK	LOW	LOW	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 61%

Vendor	Product	Version
siemens	en100_ethernet_module_firmware	4.28

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-287 - Improper Authentication
When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

References

http://www.securityfocus.com/bid/92745

http://www.securityfocus.com/bid/99471

http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-630413.pdf

https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03

https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf

http://www.securityfocus.com/bid/92745

http://www.securityfocus.com/bid/99471

http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-630413.pdf

https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03

https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf