Detections
Analytics
Siemens SIMATIC Communication Processor (CVE-2015-8214)
high Tenable OT Security Plugin ID 501108
Synopsis
The remote OT asset is affected by a vulnerability.Description
A vulnerability has been identified in SIMATIC NET CP 342-5 (incl.SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Advanced (incl.
SIPLUS variants) (All versions < V3.0.44), SIMATIC NET CP 343-1 Lean (incl. SIPLUS variants) (All versions < V3.1.1), SIMATIC NET CP 343-1 Standard (incl. SIPLUS variants) (All versions < V3.1.1), SIMATIC NET CP 443-1 Advanced (incl. SIPLUS variants) (All versions < V3.2.9), SIMATIC NET CP 443-1 Standard (incl. SIPLUS variants) (All versions < V3.2.9), SIMATIC NET CP 443-5 Basic (incl. SIPLUS variants) (All versions), SIMATIC NET CP 443-5 Extended (All versions), TIM 3V-IE / TIM 3V-IE Advanced (incl. SIPLUS NET variants) (All versions < V2.6.0), TIM 3V-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.1.0), TIM 4R-IE (incl. SIPLUS NET variants) (All versions < V2.6.0), TIM 4R-IE DNP3 (incl. SIPLUS NET variants) (All versions < V3.1.0). The implemented access protection level enforcement of the affected communication processors (CP) could possibly allow unauthenticated users to perform administrative operations on the CPs if network access (port 102/TCP) is available and the CPs' configuration was stored on their corresponding CPUs.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.Siemens has released the following updates for Communication Processor (CP) module families CP 343-1/TIM 3VIE/ TIM 4R-IE/CP 443-1 to resolve this issue:
- SIMATIC NET CP 343-1 Advanced: Update to v3.0.44
- SIMATIC NET CP 343-1 Lean / Standard: Update to v3.1.1
- SIMATIC NET CP 443-1 Advanced / Standard: Update to v3.2.9
- TIM 3V-IE / TIM 3V-IE Advanced / TIM 4R-IE: Update to v2.6.0
- TIM 3V-IE DNP3: Update to v3.1.0
- TIM 4R-IE DNP3: Update to v3.1.0
As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens operational guidelines for industrial security, and following the recommendations in the product manuals.
Additional information on industrial security by Siemens can be found at: https://www.siemens.com/industrialsecurity
For more information on this vulnerability and detailed instructions, please see Siemens Security Advisory SSA-763427
See Also
http://www.nessus.org/u?f6b3db51
http://www.securityfocus.com/bid/78345
http://www.securitytracker.com/id/1034279
https://cert-portal.siemens.com/productcert/pdf/ssa-763427.pdf
https://www.cisa.gov/news-events/ics-advisories/icsa-15-335-03
Plugin Details
Severity: High
ID: 501108
Version: 1.6
Type: remote
Family: Tenable.ot
Published: 5/2/2023
Updated: 12/25/2023
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: High
Base Score: 9.7
Temporal Score: 7.2
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:C/A:C
CVSS Score Source: CVE-2015-8214
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:siemens:simatic_cp_343-1_advanced_firmware, cpe:/o:siemens:simatic_cp_343-1_lean_firmware, cpe:/o:siemens:simatic_cp_443-1_firmware, cpe:/o:siemens:simatic_cp_443-1_advanced_firmware
Required KB Items: Tenable.ot/Siemens
Exploit Ease: No known exploits are available
Patch Publication Date: 11/27/2015
Vulnerability Publication Date: 11/27/2015
Reference Information
CVE: CVE-2015-8214
CWE: 264