Siemens SCALANCE W 1750D Improper Input Validation (CVE-2016-2031)

critical Tenable OT Security Plugin ID 501001

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Siemens has identified the following specific workarounds and mitigations users can apply to reduce the risk:

- Update to the latest firmware version and find further instructions in the document Control Plane Security Best Practices. Depending on network configuration and risk tolerance, no action may be required.

Siemens strongly recommends protecting network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens’ operational guidelines for industrial security and following the recommendations in the product manuals. Additional information on industrial security by Siemens can be found at: https://www.siemens.com/industrialsecurity

For more information refer to Siemens Advisory SSA-431802

See Also

http://seclists.org/fulldisclosure/2016/May/19

http://www.nessus.org/u?d8f56e63

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2016-004.txt

https://www.securityfocus.com/bid/90207

https://cert-portal.siemens.com/productcert/pdf/ssa-431802.pdf

https://www.cisa.gov/news-events/ics-advisories/icsa-20-315-05

Plugin Details

Severity: Critical

ID: 501001

Version: 1.3

Type: remote

Family: Tenable.ot

Published: 4/11/2023

Updated: 9/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2016-2031

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:siemens:scalance_w1750d_firmware

Required KB Items: Tenable.ot/Siemens

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/31/2020

Vulnerability Publication Date: 1/31/2020

Reference Information

CVE: CVE-2016-2031

CWE: 20

ICSA: 20-315-05