Detections
Analytics

Siemens SIMATIC NET CP Modules Improper Restriction of Operations Within the Bounds of a Memory Buffer (CVE-2021-33737)

high Tenable OT Security Plugin ID 501093

Synopsis

The remote OT asset is affected by a vulnerability.

Description

A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3). Sending a specially crafted packet to port 102/tcp of an affected device could cause a denial of service condition. A restart is needed to restore normal operations.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Siemens recommends affected users limit access to Port 102/TCP to trusted users and systems only.

As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens’ operational guidelines for industrial security and to following the recommendations in the product manuals.

Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity

For more information about this issue, please see Siemens Security Advisory SSA-549234

See Also

https://cert-portal.siemens.com/productcert/pdf/ssa-549234.pdf

https://www.cisa.gov/news-events/ics-advisories/icsa-21-257-15

Plugin Details

Severity: High

ID: 501093

Version: 1.6

Type: remote

Family: Tenable.ot

Published: 5/2/2023

Updated: 3/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2021-33737

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:siemens:simatic_cp_343-1_advanced_firmware, cpe:/o:siemens:simatic_cp_343-1_erpc_firmware, cpe:/o:siemens:simatic_cp_343-1_firmware, cpe:/o:siemens:simatic_cp_343-1_lean_firmware, cpe:/o:siemens:simatic_cp_443-1_advanced_firmware, cpe:/o:siemens:simatic_cp_443-1_firmware

Required KB Items: Tenable.ot/Siemens

Exploit Ease: No known exploits are available

Patch Publication Date: 9/14/2021

Vulnerability Publication Date: 9/14/2021

Reference Information

CVE: CVE-2021-33737

CWE: 119