SB2022021806 - Multiple vulnerabilities in Siemens Energy Products 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022021806

SB2022021806 - Multiple vulnerabilities in Siemens Energy Products

Published: February 18, 2022

Security Bulletin ID SB2022021806
Severity
High
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 67% Medium 33%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Buffer overflow (CVE-ID: CVE-2020-14509)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when the packet parser mechanism does not verify length fields. A remote attacker can send specially crafted packets, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


2) Input validation error (CVE-ID: CVE-2020-14513)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can send a specifically crafted license file and perform a denial of service (DoS) attack.


3) Improper Verification of Cryptographic Signature (CVE-ID: CVE-2020-14515)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the affected software does not verify the cryptographic signature for data within the license-file signature checking mechanism. A remote attacker can build arbitrary license files, including forging a valid license file as if it were a valid license file of an existing vendor.


4) Inadequate Encryption Strength (CVE-ID: CVE-2020-14517)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the protocol encryption can be easily broken and the server accepts external connections. A remote attacker can communicate with the CodeMeter API.


5) Origin validation error (CVE-ID: CVE-2020-14519)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to origin validation error. A remote attacker can use the internal WebSockets API via a specifically crafted Java Script payload and alter or create license files when combined with CVE-2020-14515.


6) Improper Resource Shutdown or Release (CVE-ID: CVE-2020-16233)

The vulnerability allows a remote attacker to gain access to sensitive information on the system.

The vulnerability exists due to improper resource shutdown or release. A remote attacker can send a specially crafted packet that can have the server send back packets containing data from the heap.


Remediation

Install update from vendor's website.

References