CVE-2021-40364

09.11.2021, 12:15

A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). The affected systems store sensitive information in log files. An attacker with access to the log files could publicly expose the information or reuse it to develop further attacks on the system.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
siemens	CNA	5.5 MEDIUM				CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 16%

Vendor	Product	Version
siemens	simatic_pcs_7	𝑥 ≤ 8.2
siemens	simatic_pcs_7	9.0 ≤ 𝑥 < 9.1
siemens	simatic_pcs_7	9.1
siemens	simatic_wincc	𝑥 ≤ 7.4
siemens	simatic_wincc	7.5
siemens	simatic_wincc	7.5:sp1
siemens	simatic_wincc	7.5:sp1_update1
siemens	simatic_wincc	7.5:sp1_update2
siemens	simatic_wincc	7.5:sp2
siemens	simatic_wincc	7.5:sp2_update1
siemens	simatic_wincc	7.5:sp2_update2
siemens	simatic_wincc	7.5:sp2_update3
siemens	simatic_wincc	7.5:sp2_update4

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-532 - Insertion of Sensitive Information into Log File
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

References

https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf