File Path Injection Vulnerability in Siemens OpenPCS and SIMATIC Products
CVE-2021-40359

7.7HIGH

Key Information:

Vendor: Siemens
Status: Openpcs 7 V8.2; Openpcs 7 V9.0; Openpcs 7 V9.1; Simatic Batch V8.2
Vendor: CVE Published:; 9 November 2021

Summary

A vulnerability exists in multiple Siemens products where the systems fail to adequately neutralize certain characters within the pathname during file downloads. This failure allows attackers to craft paths that bypass restrictions, enabling them to access sensitive files outside of the intended directory. This issue affects various versions of OpenPCS, SIMATIC BATCH, SIMATIC NET PC Software, SIMATIC PCS, and SIMATIC WinCC, creating a significant security risk for users of these systems.

Affected Version(s)

OpenPCS 7 V8.2 All versions

OpenPCS 7 V9.0 All versions < V9.0 Upd4

OpenPCS 7 V9.1 All versions

References

https://cert-portal.siemens.com/productcert/pdf/ssa-84018...

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Nov 9, 2021
Vulnerability Reserved
Sep 1, 2021