CVE-2021-42029

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 5), SIMATIC STEP 7 (TIA Portal) V17 (All versions < V17 Update 2). An attacker could achieve privilege escalation on the web server of certain devices due to improper access control vulnerability in the engineering system software. The attacker needs to have direct access to the impacted web server.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_step_7:16:-:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_step_7:16:update1:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_step_7:16:update2:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_step_7:16:update3:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_step_7:16:update4:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_step_7:17:-:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_step_7:17:update1:*:*:*:*:*:*
OR cpe:2.3:h:siemens:simatic_s7-1200_cpu:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1200_cpu_1211c:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212c:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212fc:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214_fc:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214c:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214fc:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215_fc:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215c:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215fc:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1200_cpu_1217c:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1507s:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1507s_f:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1508s:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1508s_f:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1510sp:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1510sp-1:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511-1:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511-1_pn:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511c:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511c-1:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511f-1:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511f-1_pn:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511t-1:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511tf-1:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1512c:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1512c-1:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1512sp-1:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1512spf-1:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513-1:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513-1_pn:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513f-1:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513f-1_pn:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1513r-1:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515-2:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515-2_pn:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515f-2:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515f-2_pn:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515r-2:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515t-2:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1515tf-2:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516-3:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516-3_dp:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516-3_pn:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516-3_pn\/dp:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516f-3:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516f-3_pn\/dp:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516pro-2:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516pro_f:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516t-3:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1516tf-3:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517-3:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517-3_dp:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517-3_pn:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517-3_pn\/dp:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517f-3:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517f-3_pn\/dp:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1517tf-3:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_dp:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\/dp:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\/dp_mfp:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518f-4:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518f-4_pn\/dp:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518hf-4:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518t-4:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518tf-4:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:27

Type Values Removed Values Added
References () https://cert-portal.siemens.com/productcert/pdf/ssa-350757.pdf - Patch, Vendor Advisory () https://cert-portal.siemens.com/productcert/pdf/ssa-350757.pdf - Patch, Vendor Advisory

Information

Published : 2022-04-12 09:15

Updated : 2024-11-21 06:27


NVD link : CVE-2021-42029

Mitre link : CVE-2021-42029

CVE.ORG link : CVE-2021-42029


JSON object : View

Products Affected

siemens

  • simatic_s7-1500_cpu_1518-4
  • simatic_s7-1500_cpu_1516-3_pn\/dp
  • simatic_s7-1200_cpu_1212fc
  • simatic_s7-1500_cpu_1512c-1
  • simatic_s7-1200_cpu_1215c
  • simatic_s7-1200_cpu_1217c
  • simatic_s7-1200_cpu_1214c
  • simatic_s7-1500_cpu_1517-3_pn
  • simatic_s7-1500_cpu_1515t-2
  • simatic_s7-1500_cpu_1508s_f
  • simatic_s7-1500_cpu_1507s
  • simatic_s7-1500_cpu_1513-1
  • simatic_s7-1200_cpu_1211c
  • simatic_s7-1500_cpu_1515f-2_pn
  • simatic_s7-1500_cpu_1507s_f
  • simatic_s7-1500_cpu_1518-4_pn
  • simatic_s7-1500_cpu_1518-4_pn\/dp
  • simatic_s7-1500_cpu_1518-4_pn\/dp_mfp
  • simatic_s7-1500_cpu_1517f-3
  • simatic_s7-1500_cpu_1516t-3
  • simatic_s7-1500_cpu_1511t-1
  • simatic_s7-1500_cpu_1515r-2
  • simatic_s7-1500_cpu_1518-4_dp
  • simatic_s7-1500_cpu_1513r-1
  • simatic_s7-1500_cpu_1513-1_pn
  • simatic_s7-1500_cpu_1518hf-4
  • simatic_s7-1500_cpu_1517tf-3
  • simatic_s7-1500_cpu_1518t-4
  • simatic_s7-1500_cpu_1510sp-1
  • simatic_s7-1500_cpu_1512c
  • simatic_s7-1200_cpu_1215_fc
  • simatic_s7-1500_cpu_1515tf-2
  • simatic_s7-1500_cpu_1518f-4
  • simatic_s7-1500_cpu_1511-1
  • simatic_s7-1500_cpu_1511f-1_pn
  • simatic_s7-1200_cpu_1215fc
  • simatic_s7-1500_cpu_1516f-3
  • simatic_s7-1200_cpu_1214_fc
  • simatic_s7-1500_cpu_1516-3_pn
  • simatic_s7-1500_cpu_1510sp
  • simatic_s7-1500_cpu_1513f-1
  • simatic_s7-1500_cpu_1517-3_pn\/dp
  • simatic_s7-1500_cpu_1511tf-1
  • simatic_s7-1200_cpu_1214fc
  • simatic_s7-1500_cpu_1516f-3_pn\/dp
  • simatic_s7-1500_cpu_1516-3_dp
  • simatic_s7-1500_cpu_1515-2
  • simatic_s7-1500_cpu_1511f-1
  • simatic_s7-1500_cpu_1515f-2
  • simatic_s7-1500_cpu_1518f-4_pn\/dp
  • simatic_s7-1200_cpu
  • simatic_s7-1500_cpu
  • simatic_s7-1500_cpu_1516pro-2
  • simatic_s7-1500_cpu_1516tf-3
  • simatic_s7-1500_cpu_1508s
  • simatic_s7-1500_cpu_1511c-1
  • simatic_s7-1500_cpu_1511c
  • simatic_s7-1500_cpu_1516pro_f
  • simatic_s7-1500_cpu_1516-3
  • simatic_s7-1500_cpu_1515-2_pn
  • simatic_s7-1500_cpu_1517-3
  • simatic_s7-1500_cpu_1513f-1_pn
  • simatic_s7-1500_cpu_1517f-3_pn\/dp
  • simatic_s7-1500_cpu_1511-1_pn
  • simatic_s7-1500_cpu_1512spf-1
  • simatic_s7-1500_cpu_1518
  • simatic_s7-1500_cpu_1518tf-4
  • simatic_step_7
  • simatic_s7-1200_cpu_1212c
  • simatic_s7-1500_cpu_1512sp-1
  • simatic_s7-1500_cpu_1517-3_dp
CWE
CWE-284

Improper Access Control

NVD-CWE-Other