Details of VAR-201707-1137

ID

VAR-201707-1137

CVE

CVE-2017-6868

TITLE

Siemens SIMATIC CP 44x-1 RNA In RNA Series module CP Vulnerability to perform administrator operations on

Trust: 0.8

sources: JVNDB: JVNDB-2017-005583

DESCRIPTION

An Improper Authentication issue was discovered in Siemens SIMATIC CP 44x-1 RNA, all versions prior to 1.4.1. An unauthenticated remote attacker may be able to perform administrative actions on the Communication Process (CP) of the RNA series module, if network access to Port 102/TCP is available and the configuration file for the CP is stored on the RNA's CPU. The SiemensSIMATICCP44x-1RNA is a communications processor that integrates security functions such as firewall, VPN, security protocol, data encryption, etc., providing network connectivity and secure communication for the s7-1500 controller. An unauthorized operating vulnerability exists in the pre-1.4.1 version of the Siemens SIMATICCP44x-1RNA module. Siemens SIMATIC CP 44x-1 Redundant is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may aid in further attacks

Trust: 2.61

sources: NVD: CVE-2017-6868 // JVNDB: JVNDB-2017-005583 // CNVD: CNVD-2017-10562 // BID: 99234 // IVD: 672426ea-158d-49e1-aaf0-f6cc1a05260b

IOT TAXONOMY

category:	['ICS', 'Network device']	sub_category:	-	Trust: 0.6
category:	['ICS']	sub_category:	-	Trust: 0.2

sources: IVD: 672426ea-158d-49e1-aaf0-f6cc1a05260b // CNVD: CNVD-2017-10562

AFFECTED PRODUCTS

vendor:	siemens	model:	simatic cp 44x-1 redundant network access modules	scope:	lte	version:	1.4.0	Trust: 1.0
vendor:	siemens	model:	simatic cp 44x-1 rna	scope:	eq	version:	1.4.1	Trust: 0.8
vendor:	siemens	model:	simatic cp 44x-1 rna	scope:	lt	version:	all versions	Trust: 0.8
vendor:	siemens	model:	simatic cp rna	scope:	eq	version:	44x-1<v1.4.1	Trust: 0.6
vendor:	siemens	model:	simatic cp 44x-1 redundant network access modules	scope:	eq	version:	1.4.0	Trust: 0.6
vendor:	siemens	model:	simatic cp rna	scope:	eq	version:	44x-11.4	Trust: 0.3
vendor:	siemens	model:	simatic cp rna	scope:	ne	version:	44x-11.4.1	Trust: 0.3
vendor:	simatic cp 44x 1 redundant network access modules	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 672426ea-158d-49e1-aaf0-f6cc1a05260b // CNVD: CNVD-2017-10562 // BID: 99234 // JVNDB: JVNDB-2017-005583 // CNNVD: CNNVD-201703-629 // NVD: CVE-2017-6868

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-6868
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-6868
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2017-10562
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201703-629
value:	MEDIUM
Trust: 0.6
IVD:	672426ea-158d-49e1-aaf0-f6cc1a05260b
value:	MEDIUM
Trust: 0.2

nvd@nist.gov:	CVE-2017-6868
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-10562
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	672426ea-158d-49e1-aaf0-f6cc1a05260b
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2017-6868
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.2
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: IVD: 672426ea-158d-49e1-aaf0-f6cc1a05260b // CNVD: CNVD-2017-10562 // JVNDB: JVNDB-2017-005583 // CNNVD: CNNVD-201703-629 // NVD: CVE-2017-6868

PROBLEMTYPE DATA

problemtype:

CWE-287

Trust: 1.8

sources: JVNDB: JVNDB-2017-005583 // NVD: CVE-2017-6868

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-629

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201703-629

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-005583

PATCH

title:	SSA-126840	url:	https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf	Trust: 0.8
title:	SiemensSIMATICCP44x-1RNA Module Unauthorized Patch for Operational Vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/96042	Trust: 0.6

sources: CNVD: CNVD-2017-10562 // JVNDB: JVNDB-2017-005583

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6868	Trust: 3.5
db:	ICS CERT	id:	ICSA-17-173-01	Trust: 2.7
db:	SIEMENS	id:	SSA-126840	Trust: 1.6
db:	BID	id:	99234	Trust: 1.3
db:	SECTRACK	id:	1038788	Trust: 1.0
db:	CNVD	id:	CNVD-2017-10562	Trust: 0.8
db:	CNNVD	id:	CNNVD-201703-629	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-005583	Trust: 0.8
db:	IVD	id:	672426EA-158D-49E1-AAF0-F6CC1A05260B	Trust: 0.2

sources: IVD: 672426ea-158d-49e1-aaf0-f6cc1a05260b // CNVD: CNVD-2017-10562 // BID: 99234 // JVNDB: JVNDB-2017-005583 // CNNVD: CNNVD-201703-629 // NVD: CVE-2017-6868

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-17-173-01	Trust: 2.7
url:	https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-126840.pdf	Trust: 1.6
url:	http://www.securitytracker.com/id/1038788	Trust: 1.0
url:	http://www.securityfocus.com/bid/99234	Trust: 1.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6868	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6868	Trust: 0.8
url:	http://www.siemens.com/	Trust: 0.3

sources: CNVD: CNVD-2017-10562 // BID: 99234 // JVNDB: JVNDB-2017-005583 // CNNVD: CNNVD-201703-629 // NVD: CVE-2017-6868

CREDITS

The vendor reported the issue.

Trust: 0.3

sources: BID: 99234

SOURCES

db:	IVD	id:	672426ea-158d-49e1-aaf0-f6cc1a05260b
db:	CNVD	id:	CNVD-2017-10562
db:	BID	id:	99234
db:	JVNDB	id:	JVNDB-2017-005583
db:	CNNVD	id:	CNNVD-201703-629
db:	NVD	id:	CVE-2017-6868

LAST UPDATE DATE

2025-04-20T23:34:19.697000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-10562	date:	2017-06-21T00:00:00
db:	BID	id:	99234	date:	2017-06-22T00:00:00
db:	JVNDB	id:	JVNDB-2017-005583	date:	2017-08-01T00:00:00
db:	CNNVD	id:	CNNVD-201703-629	date:	2017-07-10T00:00:00
db:	NVD	id:	CVE-2017-6868	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	IVD	id:	672426ea-158d-49e1-aaf0-f6cc1a05260b	date:	2017-06-21T00:00:00
db:	CNVD	id:	CNVD-2017-10562	date:	2017-06-21T00:00:00
db:	BID	id:	99234	date:	2017-06-22T00:00:00
db:	JVNDB	id:	JVNDB-2017-005583	date:	2017-08-01T00:00:00
db:	CNNVD	id:	CNNVD-201703-629	date:	2017-03-16T00:00:00
db:	NVD	id:	CVE-2017-6868	date:	2017-07-07T17:29:00.340