CVE-2021-31337 - OpenCVE

The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does not require authentication, which may allow a remote attacker to gain access to the device if the service is enabled. Telnet is disabled by default on the SINAMICS Medium Voltage Products (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions).

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Siemens	Sinamics Sl150 Sinamics Sl150 Firmware Sinamics Sm150 Sinamics Sm150 Firmware Sinamics Sm150i Sinamics Sm150i Firmware

Configuration 1 [-]

AND

cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*

cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*

cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:h:siemens:sinamics_sm150i:-:*:*:*:*:*:*:*

cpe:2.3:o:siemens:sinamics_sm150i_firmware:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://us-cert.cisa.gov/ics/advisories/icsa-21-131-04

History

No history.

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2021-06-28T12:24:58

Updated: 2024-08-03T22:55:53.698Z

Reserved: 2021-04-15T00:00:00

Link: CVE-2021-31337

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-06-28T13:15:20.840

Modified: 2021-07-02T14:05:42.270

Link: CVE-2021-31337

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "SINAMICS Medium Voltage Products", "vendor": "n/a", "versions": [{"status": "affected", "version": "SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions"}]}], "descriptions": [{"lang": "en", "value": "The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does not require authentication, which may allow a remote attacker to gain access to the device if the service is enabled. Telnet is disabled by default on the SINAMICS Medium Voltage Products (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions)."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-306", "description": "MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-06-28T12:24:58", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-04"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "productcert@siemens.com", "ID": "CVE-2021-31337", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SINAMICS Medium Voltage Products", "version": {"version_data": [{"version_value": "SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does not require authentication, which may allow a remote attacker to gain access to the device if the service is enabled. Telnet is disabled by default on the SINAMICS Medium Voltage Products (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306"}]}]}, "references": {"reference_data": [{"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-04", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-04"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T22:55:53.698Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-04"}]}]}, "cveMetadata": {"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2021-31337", "datePublished": "2021-06-28T12:24:58", "dateReserved": "2021-04-15T00:00:00", "dateUpdated": "2024-08-03T22:55:53.698Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*", "matchCriteriaId": "C6619B0F-7CDC-40A6-89B2-C6067AF45214", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E032554B-7F51-4482-AF55-743FFB5AC352", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*", "matchCriteriaId": "2AE231E2-2B2B-407A-BF7A-9EA35F394229", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "33B7E1DE-61B5-4CFC-8640-EB8029CD79D6", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:sinamics_sm150i:-:*:*:*:*:*:*:*", "matchCriteriaId": "A44DEAD8-8DB8-41CC-9495-B842BE76EA8F", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:sinamics_sm150i_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D6067521-A21D-4B2A-AFB2-2E033F66B63E", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does not require authentication, which may allow a remote attacker to gain access to the device if the service is enabled. Telnet is disabled by default on the SINAMICS Medium Voltage Products (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions)."}, {"lang": "es", "value": "El servicio Telnet del componente del sistema SIMATIC HMI Comfort Panels en los productos afectados no requiere autenticaci\u00f3n, lo que puede permitir a un atacante remoto conseguir acceso al dispositivo si el servicio est\u00e1 habilitado. Telnet est\u00e1 desactivado por defecto en los productos SINAMICS Medium Voltage (SINAMICS SL150: Todas las versiones, SINAMICS SM150: Todas las versiones, SINAMICS SM150i: Todas las versiones)"}], "id": "CVE-2021-31337", "lastModified": "2021-07-02T14:05:42.270", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-06-28T13:15:20.840", "references": [{"source": "productcert@siemens.com", "tags": ["Not Applicable", "Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-04"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "productcert@siemens.com", "type": "Primary"}]}