Use of Obsolete Function in Siemens Server applications

#VU77319 Use of Obsolete Function in Siemens Server applications

Published: 2023-06-14

Vulnerability identifier: #VU77319

Vulnerability risk: Low

CVSSv3.1: 3.4 [CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-28829

CWE-ID: CWE-477

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
SIMATIC NET PC Software
Server applications / SCADA systems
SIMATIC PCS 7
Server applications / SCADA systems
SINAUT Software ST7sc
Server applications / SCADA systems
Siemens SIMATIC WinCC
Server applications / SCADA systems

Vendor: Siemens

Description

The vulnerability allows a remote user to compromise the target system.

The vulnerability exists due to due to use of obsolete function. A remote administrator on the local network can bypass authentication process on the target system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

SIMATIC NET PC Software: 14 - 15

SIMATIC PCS 7: 8.2 - 9.1

SINAUT Software ST7sc: All versions

External links
http://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Use of Obsolete Function in Siemens SIMATIC WinCC, SIMATIC NET PC, SIMATIC PCS and SINAUT Software ST7sc