CVE-2023-25910

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-25910
A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions), SIMATIC STEP 7 V5 (All versions < V5.7). The affected product contains a database management system that could allow remote users with low privileges to use embedded functions of the database (local or in a network share) that have impact on the server. An attacker with network access to the server network could leverage these embedded functions to run code with elevated privileges in the database management system's server.

8.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://cert-portal.siemens.com/productcert/html/ssa-968170.html
https://cert-portal.siemens.com/productcert/pdf/ssa-968170.pdf Mitigation Patch Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_s7-pm:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*
History

12 Mar 2024, 11:15

Type Values Removed Values Added
Summary (en) A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC S7-PM (All versions), SIMATIC STEP 7 V5 (All versions < V5.7). The affected product contains a database management system that could allow remote users with low privileges to use embedded functions of the database (local or in a network share) that have impact on the server. An attacker with network access to the server network could leverage these embedded functions to run code with elevated privileges in the database management system's server. (en) A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions), SIMATIC STEP 7 V5 (All versions < V5.7). The affected product contains a database management system that could allow remote users with low privileges to use embedded functions of the database (local or in a network share) that have impact on the server. An attacker with network access to the server network could leverage these embedded functions to run code with elevated privileges in the database management system's server.
References
  • () https://cert-portal.siemens.com/productcert/html/ssa-968170.html -

20 Jun 2023, 19:59

Type Values Removed Values Added
CWE CWE-94
References (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-968170.pdf - (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-968170.pdf - Mitigation, Patch, Vendor Advisory
CPE cpe:2.3:a:siemens:simatic_s7-pm:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*
First Time Siemens simatic S7-pm
Siemens simatic Pcs 7
Siemens simatic Step 7
Siemens
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 8.8

13 Jun 2023, 09:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-06-13 09:15

Updated : 2024-03-12 11:15

NVD link : CVE-2023-25910

Mitre link : CVE-2023-25910

CVE.ORG link : CVE-2023-25910

JSON object : View

Products Affected

siemens

  • simatic_pcs_7
  • simatic_s7-pm
  • simatic_step_7
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')