Detections
Analytics

Siemens SIMATIC CP 343-1 Advanced < 3.0.53 / CP 443-1 Advanced < 3.2.17 Multiple Vulnerabilities (ICSA-16-327-02)

high Nessus Network Monitor Plugin ID 138

Synopsis

A vulnerable Siemens SIMATIC S7 Advanced (CP 343-1/443-1) device has been detected.

Description

Siemens SIMATIC CP 343-1 Advanced prior to version 3.0.53 and SIMATIC CP 443-1 Advanced prior to version 3.2.17 have a web server vulnerability that may allow remote attackers to perform actions with the permissions of an authenticated user. The web server also delivers cookies without the "secure" flag.

Solution

Update the CP 443-1 firmware to 3.2.17 or later. If running CP 343-1, update the firmware to 3.0.53 or later.

See Also

https://www.us-cert.gov/ics/advisories/ICSA-16-327-02,https://support.industry.siemens.com/cs/ww/en/view/109742236,https://support.industry.siemens.com/cs/ww/en/view/109745388

Plugin Details

Severity: High

ID: 138

Family: SCADA

Published: 5/21/2019

Updated: 9/30/2019

Risk Information

VPR

Risk Factor: Low

Score: 1.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Patch Publication Date: 11/22/2016

Vulnerability Publication Date: 11/22/2016

Reference Information

CVE: CVE-2016-8672