Memory Protection Bypass in Siemens SIMATIC Drive Controllers and S7 Families
CVE-2020-15782

9.8CRITICAL

Key Information:

Vendor
Siemens
Status
Simatic Drive Controller Family
Simatic Et 200sp Open Controller Cpu 1515sp Pc (incl. Siplus Variants)
Simatic Et 200sp Open Controller Cpu 1515sp Pc2 (incl. Siplus Variants)
Simatic S7-1200 Cpu Family (incl. Siplus Variants)
Vendor
CVE Published:
28 May 2021

Summary

A memory protection bypass vulnerability exists in various Siemens SIMATIC Drive Controllers and S7 families. This vulnerability allows a remote unauthenticated attacker with network access to port 102/tcp to potentially write arbitrary data or code to protected memory areas, or read sensitive data. This could lead to further attacks on interconnected systems, posing significant risks to the integrity and security of industrial control systems.

Affected Version(s)

SIMATIC Drive Controller family All versions < V2.9.2

SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) All versions

SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) All versions < V21.9

References

https://cert-portal.siemens.com/productcert/pdf/ssa-43453...
x_refsource_MISC
https://cert-portal.siemens.com/productcert/pdf/ssa-43453...
x_refsource_MISC
https://cert-portal.siemens.com/productcert/pdf/ssa-43453...
x_refsource_MISC

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.