Multiple vulnerabilities in Siemens SINEMA Remote Connect Server
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2021-37177 CVE-2021-37183 CVE-2021-37190 CVE-2021-37191 CVE-2021-37192 CVE-2021-37193 |
| CWE-ID | CWE-471 CWE-284 CWE-200 CWE-799 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
SINEMA Remote Connect Server Server applications / SCADA systems |
| Vendor |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Modification of assumed-immutable data
EUVDB-ID: #VU56658
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-37177
CWE-ID:
CWE-471 - Modification of Assumed-Immutable Data
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass certain security restrictions.
The vulnerability exists due to application does not perform validation of the attacker-controlled data, assuming that data is valid and safe. A remote attacker on the local network can manipulate with the status provided by the syslog clients managed by the affected software.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSINEMA Remote Connect Server: before 3.0 SP2
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-334944.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper access control
EUVDB-ID: #VU56659
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-37183
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to the affected software allows sending send-to-sleep notifications to the managed devices. A remote attacker on the local network can cause a denial of service condition on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSINEMA Remote Connect Server: before 3.0 SP2
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-334944.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Information disclosure
EUVDB-ID: #VU56661
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-37190
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote attacker on the local network can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSINEMA Remote Connect Server: before 3.0 SP2
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-334944.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper control of interaction frequency
EUVDB-ID: #VU56662
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-37191
CWE-ID:
CWE-799 - Improper Control of Interaction Frequency
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information on the target system.
The vulnerability exists due to the affected software lacks brute force protection. A remote attacker on the local network can brute force the usernames from the affected software.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSINEMA Remote Connect Server: before 3.0 SP2
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-334944.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Information disclosure
EUVDB-ID: #VU56663
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-37192
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote attacker on the local network can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSINEMA Remote Connect Server: before 3.0 SP2
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-334944.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Modification of assumed-immutable data
EUVDB-ID: #VU56664
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-37193
CWE-ID:
CWE-471 - Modification of Assumed-Immutable Data
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass certain security restrictions.
The vulnerability exists due to application does not perform validation of the attacker-controlled data, assuming that data is valid and safe. A remote attacker on the local network can manipulate certain parameters and set a valid user of the affected software as invalid (or vice-versa).
MitigationInstall updates from vendor's website.
Vulnerable software versionsSINEMA Remote Connect Server: before 3.0 SP2
External linkshttp://cert-portal.siemens.com/productcert/pdf/ssa-334944.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
