CVE-2021-31894

moderate-risk
Published 2021-07-13

A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). A directory containing metafiles relevant to devices' configurations has write permissions. An attacker could leverage this vulnerability by changing the content of certain metafiles and subsequently manipulate parameters or behavior of devices that would be later configured by the affected software.

Do I need to act?

-
0.03% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
LOCAL / LOW complexity

Affected Products (11)

Simatic Pcs 7 Firmware
Simatic Pcs 7 Firmware
Simatic Pdm Firmware
Simatic Step 7 Firmware
Sinamics Starter Firmware
Sinamics Starter Firmware
Sinamics Starter Firmware
Sinamics Starter Firmware
Sinamics Starter Firmware
Sinamics Starter Firmware
Sinamics Starter Firmware

Affected Vendors

Siemens

References (2)

Patch https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf
Patch https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf
43
/ 100
moderate-risk
Severity 27/34 · High
Exploitability 0/34 · Minimal
Exposure 16/34 · Moderate