CVE-2023-49692

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.2.2), SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.2.2), SCALANCE S615 (6GK5615-0AA00-2AA2) (All versions < V7.2.2), SCALANCE S615 EEC (6GK5615-0AA01-2AA2) (All versions < V7.2.2), SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC642-2C (6GK5642-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC646-2C (6GK5646-2GS00-2AC2) (All versions < V3.0.2). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the parsing of the IPSEC configuration. This could allow malicious local administrators to issue commands on system level after a new connection is established.

CVSS v3 6.7 MEDIUM

6.7^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://cert-portal.siemens.com/productcert/html/ssa-068047.html
https://cert-portal.siemens.com/productcert/html/ssa-602936.html
https://cert-portal.siemens.com/productcert/pdf/ssa-068047.pdf	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:siemens:6gk6108-4am00-2ba2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk6108-4am00-2ba2:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:siemens:6gk6108-4am00-2da2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk6108-4am00-2da2:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:siemens:6gk5804-0ap00-2aa2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5804-0ap00-2aa2:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:siemens:6gk5812-1aa00-2aa2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5812-1aa00-2aa2:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:siemens:6gk5812-1ba00-2aa2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5812-1ba00-2aa2:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:siemens:6gk5816-1aa00-2aa2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5816-1aa00-2aa2:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:siemens:6gk5816-1ba00-2aa2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5816-1ba00-2aa2:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:siemens:6gk5826-2ab00-2ab2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5826-2ab00-2ab2:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:siemens:6gk5874-2aa00-2aa2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5874-2aa00-2aa2:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:siemens:6gk5874-3aa00-2aa2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5874-3aa00-2aa2:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:siemens:6gk5876-3aa02-2ba2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5876-3aa02-2ba2:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:siemens:6gk5876-3aa02-2ea2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5876-3aa02-2ea2:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:siemens:6gk5876-4aa10-2ba2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5876-4aa10-2ba2:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:siemens:6gk5876-4aa00-2ba2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5876-4aa00-2ba2:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:siemens:6gk5876-4aa00-2da2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5876-4aa00-2da2:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:siemens:6gk5853-2ea00-2da1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5853-2ea00-2da1:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:siemens:6gk5856-2ea00-3da1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5856-2ea00-3da1:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:siemens:6gk5856-2ea00-3aa1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5856-2ea00-3aa1:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:siemens:6gk5615-0aa00-2aa2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5615-0aa00-2aa2:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:siemens:6gk5615-0aa01-2aa2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:6gk5615-0aa01-2aa2:-:*:*:*:*:*:*:*

History

13 Feb 2024, 09:15

Type	Values Removed	Values Added
Summary	(en) A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.2.2), SCALANCE M804PB (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.2.2), SCALANCE M874-2 (All versions < V7.2.2), SCALANCE M874-3 (All versions < V7.2.2), SCALANCE M876-3 (EVDO) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (All versions < V7.2.2), SCALANCE M876-4 (All versions < V7.2.2), SCALANCE M876-4 (EU) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (All versions < V7.2.2), SCALANCE S615 (All versions < V7.2.2), SCALANCE S615 EEC (All versions < V7.2.2). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the parsing of the IPSEC configuration. This could allow malicious local administrators to issue commands on system level after a new connection is established.	(en) A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.2.2), SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.2.2), SCALANCE S615 (6GK5615-0AA00-2AA2) (All versions < V7.2.2), SCALANCE S615 EEC (6GK5615-0AA01-2AA2) (All versions < V7.2.2), SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC642-2C (6GK5642-2GS00-2AC2) (All versions < V3.0.2), SCALANCE SC646-2C (6GK5646-2GS00-2AC2) (All versions < V3.0.2). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the parsing of the IPSEC configuration. This could allow malicious local administrators to issue commands on system level after a new connection is established.
References		() https://cert-portal.siemens.com/productcert/html/ssa-068047.html - () https://cert-portal.siemens.com/productcert/html/ssa-602936.html -

18 Dec 2023, 14:38

Type	Values Removed	Values Added
References	~~() https://cert-portal.siemens.com/productcert/pdf/ssa-068047.pdf -~~	() https://cert-portal.siemens.com/productcert/pdf/ssa-068047.pdf - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~7.2~~	v2 : unknown v3 : 6.7
CPE		cpe:2.3:h:siemens:6gk5876-4aa10-2ba2:-:::::::* cpe:2.3:o:siemens:6gk5615-0aa00-2aa2_firmware:::::::: cpe:2.3:h:siemens:6gk5615-0aa01-2aa2:-:::::::* cpe:2.3:h:siemens:6gk5876-3aa02-2ea2:-:::::::* cpe:2.3:o:siemens:6gk5615-0aa01-2aa2_firmware:::::::: cpe:2.3:o:siemens:6gk5876-3aa02-2ba2_firmware:::::::: cpe:2.3:h:siemens:6gk5826-2ab00-2ab2:-:::::::* cpe:2.3:h:siemens:6gk5856-2ea00-3aa1:-:::::::* cpe:2.3:o:siemens:6gk6108-4am00-2da2_firmware:::::::: cpe:2.3:o:siemens:6gk5876-4aa00-2da2_firmware:::::::: cpe:2.3:o:siemens:6gk5856-2ea00-3aa1_firmware:::::::: cpe:2.3:h:siemens:6gk5874-3aa00-2aa2:-:::::::* cpe:2.3:h:siemens:6gk5876-4aa00-2da2:-:::::::* cpe:2.3:o:siemens:6gk5816-1ba00-2aa2_firmware:::::::: cpe:2.3:h:siemens:6gk5804-0ap00-2aa2:-:::::::* cpe:2.3:h:siemens:6gk5812-1ba00-2aa2:-:::::::* cpe:2.3:o:siemens:6gk5876-3aa02-2ea2_firmware:::::::: cpe:2.3:h:siemens:6gk5615-0aa00-2aa2:-:::::::* cpe:2.3:h:siemens:6gk5812-1aa00-2aa2:-:::::::* cpe:2.3:o:siemens:6gk5853-2ea00-2da1_firmware:::::::: cpe:2.3:h:siemens:6gk6108-4am00-2da2:-:::::::* cpe:2.3:h:siemens:6gk5876-4aa00-2ba2:-:::::::* cpe:2.3:o:siemens:6gk5874-2aa00-2aa2_firmware:::::::: cpe:2.3:o:siemens:6gk5874-3aa00-2aa2_firmware:::::::: cpe:2.3:h:siemens:6gk5816-1aa00-2aa2:-:::::::* cpe:2.3:h:siemens:6gk5876-3aa02-2ba2:-:::::::* cpe:2.3:h:siemens:6gk6108-4am00-2ba2:-:::::::* cpe:2.3:o:siemens:6gk5816-1aa00-2aa2_firmware:::::::: cpe:2.3:o:siemens:6gk5826-2ab00-2ab2_firmware:::::::: cpe:2.3:o:siemens:6gk5876-4aa10-2ba2_firmware:::::::: cpe:2.3:h:siemens:6gk5853-2ea00-2da1:-:::::::* cpe:2.3:o:siemens:6gk5856-2ea00-3da1_firmware:::::::: cpe:2.3:h:siemens:6gk5856-2ea00-3da1:-:::::::* cpe:2.3:h:siemens:6gk5816-1ba00-2aa2:-:::::::* cpe:2.3:o:siemens:6gk5876-4aa00-2ba2_firmware:::::::: cpe:2.3:o:siemens:6gk5812-1aa00-2aa2_firmware:::::::: cpe:2.3:o:siemens:6gk5812-1ba00-2aa2_firmware:::::::: cpe:2.3:h:siemens:6gk5874-2aa00-2aa2:-:::::::* cpe:2.3:o:siemens:6gk5804-0ap00-2aa2_firmware:::::::: cpe:2.3:o:siemens:6gk6108-4am00-2ba2_firmware::::::::
First Time		Siemens 6gk5816-1aa00-2aa2 Firmware Siemens 6gk5615-0aa01-2aa2 Firmware Siemens 6gk5876-3aa02-2ea2 Siemens 6gk5876-4aa00-2da2 Siemens 6gk5812-1ba00-2aa2 Firmware Siemens 6gk6108-4am00-2ba2 Firmware Siemens 6gk5876-4aa00-2ba2 Siemens 6gk5874-3aa00-2aa2 Siemens 6gk5876-3aa02-2ea2 Firmware Siemens 6gk5816-1ba00-2aa2 Firmware Siemens 6gk5826-2ab00-2ab2 Firmware Siemens 6gk5876-3aa02-2ba2 Firmware Siemens 6gk5812-1aa00-2aa2 Siemens 6gk6108-4am00-2ba2 Siemens 6gk5826-2ab00-2ab2 Siemens 6gk5615-0aa01-2aa2 Siemens 6gk5874-2aa00-2aa2 Siemens 6gk5816-1ba00-2aa2 Siemens 6gk5876-3aa02-2ba2 Siemens 6gk5615-0aa00-2aa2 Siemens 6gk5615-0aa00-2aa2 Firmware Siemens 6gk5874-2aa00-2aa2 Firmware Siemens 6gk5856-2ea00-3da1 Siemens 6gk5856-2ea00-3aa1 Firmware Siemens 6gk5856-2ea00-3da1 Firmware Siemens 6gk5804-0ap00-2aa2 Siemens 6gk5856-2ea00-3aa1 Siemens 6gk5853-2ea00-2da1 Siemens 6gk5812-1aa00-2aa2 Firmware Siemens 6gk5876-4aa10-2ba2 Firmware Siemens 6gk5876-4aa00-2da2 Firmware Siemens 6gk6108-4am00-2da2 Firmware Siemens Siemens 6gk5874-3aa00-2aa2 Firmware Siemens 6gk5876-4aa00-2ba2 Firmware Siemens 6gk5853-2ea00-2da1 Firmware Siemens 6gk5876-4aa10-2ba2 Siemens 6gk6108-4am00-2da2 Siemens 6gk5804-0ap00-2aa2 Firmware Siemens 6gk5816-1aa00-2aa2 Siemens 6gk5812-1ba00-2aa2

12 Dec 2023, 13:43

Type	Values Removed	Values Added
Summary		(es) Se ha identificado una vulnerabilidad en: RUGGEDCOM RM1224 LTE(4G) EU (Todas las versiones < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (Todas las versiones < V7.2.2), SCALANCE M804PB (Todas las versiones < V7.2.2), SCALANCE M812-1 ADSL-Router (Anexo A) (Todas las versiones < V7.2.2), SCALANCE M812-1 ADSL-Router (Anexo B) (Todas las versiones < V7.2.2), SCALANCE M816-1 ADSL-Router (Anexo A) (Todas las versiones < V7.2.2), SCALANCE M816-1 ADSL-Router (Anexo B) (Todas las versiones < V7.2.2), SCALANCE M826-2 SHDSL-Router (Todas las versiones < V7.2.2), SCALANCE M874-2 ( Todas las versiones < V7.2.2), SCALANCE M874-3 (Todas las versiones < V7.2.2), SCALANCE M876-3 (EVDO) (Todas las versiones < V7.2.2), SCALANCE M876-3 (ROK) (Todas las versiones < V7. 2.2), SCALANCE M876-4 (Todas las versiones < V7.2.2), SCALANCE M876-4 (EU) (Todas las versiones < V7.2.2), SCALANCE M876-4 (NAM) (Todas las versiones < V7.2.2), SCALANCE MUM853 -1 (UE) (Todas las versiones < V7.2.2), SCALANCE MUM856-1 (UE) (Todas las versiones < V7.2.2), SCALANCE MUM856-1 (RoW) (Todas las versiones < V7.2.2), SCALANCE S615 (Todas versiones < V7.2.2), SCALANCE S615 EEC (Todas las versiones < V7.2.2). Existe una vulnerabilidad de neutralización inadecuada de elementos especiales utilizados en un comando del sistema operativo con privilegios de root en el análisis de la configuración IPSEC. Esto podría permitir que administradores locales malintencionados emitan comandos a nivel del sistema después de que se establezca una nueva conexión.

12 Dec 2023, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-12-12 12:15

Updated : 2024-02-13 09:15

NVD link : CVE-2023-49692

Mitre link : CVE-2023-49692

CVE.ORG link : CVE-2023-49692

JSON object : View

Products Affected

siemens

6gk5826-2ab00-2ab2
6gk5876-3aa02-2ba2_firmware
6gk5826-2ab00-2ab2_firmware
6gk5876-4aa10-2ba2
6gk5615-0aa00-2aa2
6gk6108-4am00-2ba2
6gk5812-1ba00-2aa2_firmware
6gk5816-1aa00-2aa2
6gk5874-3aa00-2aa2
6gk5816-1ba00-2aa2_firmware
6gk5874-2aa00-2aa2_firmware
6gk5816-1aa00-2aa2_firmware
6gk5615-0aa00-2aa2_firmware
6gk5804-0ap00-2aa2_firmware
6gk5876-4aa00-2ba2_firmware
6gk5615-0aa01-2aa2
6gk5853-2ea00-2da1
6gk5816-1ba00-2aa2
6gk5856-2ea00-3da1
6gk5812-1aa00-2aa2
6gk6108-4am00-2ba2_firmware
6gk5876-4aa00-2da2_firmware
6gk5876-3aa02-2ea2
6gk5804-0ap00-2aa2
6gk5876-4aa00-2da2
6gk5876-3aa02-2ea2_firmware
6gk6108-4am00-2da2
6gk5812-1ba00-2aa2
6gk5876-4aa10-2ba2_firmware
6gk5856-2ea00-3aa1
6gk5853-2ea00-2da1_firmware
6gk5856-2ea00-3da1_firmware
6gk5876-4aa00-2ba2
6gk5874-3aa00-2aa2_firmware
6gk5812-1aa00-2aa2_firmware
6gk5856-2ea00-3aa1_firmware
6gk5615-0aa01-2aa2_firmware
6gk5874-2aa00-2aa2
6gk5876-3aa02-2ba2
6gk6108-4am00-2da2_firmware

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

6.7 /10