CVE-2021-40360

A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The password hash of a local user account in the remote server could be granted via public API to a user on the affected system. An authenticated attacker could brute force the password hash and use it to login to the server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
siemensCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 54%
VendorProductVersion
siemenssimatic_pcs_7
𝑥
≤ 8.2
siemenssimatic_pcs_7
9.0
siemenssimatic_pcs_7
9.1
siemenssimatic_wincc
𝑥
< 7.4
siemenssimatic_wincc
7.4
siemenssimatic_wincc
7.4:sp1
siemenssimatic_wincc
7.4:sp1_update1
siemenssimatic_wincc
7.4:sp1_update10
siemenssimatic_wincc
7.4:sp1_update11
siemenssimatic_wincc
7.4:sp1_update12
siemenssimatic_wincc
7.4:sp1_update13
siemenssimatic_wincc
7.4:sp1_update14
siemenssimatic_wincc
7.4:sp1_update15
siemenssimatic_wincc
7.4:sp1_update16
siemenssimatic_wincc
7.4:sp1_update17
siemenssimatic_wincc
7.4:sp1_update18
siemenssimatic_wincc
7.4:sp1_update2
siemenssimatic_wincc
7.4:sp1_update3
siemenssimatic_wincc
7.4:sp1_update4
siemenssimatic_wincc
7.4:sp1_update5
siemenssimatic_wincc
7.4:sp1_update6
siemenssimatic_wincc
7.4:sp1_update7
siemenssimatic_wincc
7.4:sp1_update8
siemenssimatic_wincc
7.4:sp1_update9
siemenssimatic_wincc
7.5
siemenssimatic_wincc
7.5:sp1
siemenssimatic_wincc
7.5:sp1_update1
siemenssimatic_wincc
7.5:sp1_update2
siemenssimatic_wincc
7.5:sp2
siemenssimatic_wincc
7.5:sp2_update1
siemenssimatic_wincc
7.5:sp2_update2
siemenssimatic_wincc
7.5:sp2_update3
siemenssimatic_wincc
7.5:sp2_update4
siemenssimatic_wincc
7.5:sp2_update5
siemenssimatic_wincc
14.0.1
siemenssimatic_wincc
15.1
siemenssimatic_wincc
15.1:update_1
siemenssimatic_wincc
15.1:update_2
siemenssimatic_wincc
15.1:update_3
siemenssimatic_wincc
15.1:update_4
siemenssimatic_wincc
15.1:update_5
siemenssimatic_wincc
15.1:update_6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf