Siemens WIBU Systems CodeMeter

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 

1. EXECUTIVE SUMMARY

  • CVSS v3 9.0
  • ATTENTION: Exploitable remotely
  • Vendor: Siemens
  • Equipment: WIBU Systems CodeMeter
  • Vulnerability: Heap-Based Buffer Overflow

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an unauthenticated attacker to escalate privileges or execute arbitrary code.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following Siemens products are affected:

  • PSS(R)CAPE V14: All versions prior to V14.2023-08-23
  • PSS(R)CAPE V15: All versions prior to V15.0.22
  • PSS(R)E V34: All versions prior to V34.9.6
  • PSS(R)E V35: All versions
  • PSS(R)ODMS V13.0: All versions
  • PSS(R)ODMS V13.1: All versions prior to V13.1.12.1
  • SIMATIC PCS neo V3: All versions
  • SIMATIC PCS neo V4: All versions
  • SIMATIC WinCC OA V3.17: All versions
  • SIMATIC WinCC OA V3.18: All versions
  • SIMATIC WinCC OA V3.19: All versions prior to V3.19 P006
  • SIMIT Simulation Platform: All versions
  • SINEC INS: All versions
  • SINEMA Remote Connect: All versions

3.2 Vulnerability Overview

3.2.1 HEAP-BASED BUFFER OVERFLOW CWE-122

In CodeMeter Runtime versions up to 7.60b, there is a heap buffer overflow vulnerability which can potentially lead to a remote code execution. Currently, no PoC is known. To exploit the heap overflow, additional protection mechanisms need to be broken. Remote access is only possible if CodeMeter is configured as a server. If CodeMeter is not configured as a server, an attacker would need to log in to t
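The paragraph above gives defenders two facts to act on: the affected range is "versions up to 7.60b", and the issue is only reachable remotely when CodeMeter is configured as a server. The script below is an added example (not CISA's or Siemens' code) that turns those two conditions into an inventory triage. It assumes CodeMeter version strings take the form `major.minor` with an optional trailing build letter, and that a lettered build sorts after the unlettered release of the same number (7.60 < 7.60a < 7.60b < 7.61); that ordering is an assumption, as is the `server_mode` field, which stands in for however a site records its CodeMeter server configuration. The hostnames and versions in `SAMPLE_HOSTS` are constructed.

```python
"""Classify CodeMeter Runtime inventory entries against the advisory's
'versions up to 7.60b' ceiling and its server-mode exposure condition.

Added example, not advisory or vendor code. Version format assumption:
major.minor plus an optional single build letter, where a lettered build
sorts after the unlettered release of the same number
(7.60 < 7.60a < 7.60b < 7.61). The sample inventory below is constructed."""

import re
from typing import NamedTuple

VERSION_RE = re.compile(r"^(\d+)\.(\d+)([a-z])?$")
LAST_AFFECTED = "7.60b"   # from the advisory: "versions up to 7.60b"


def parse_version(text: str) -> tuple:
    """Turn '7.60b' into a comparable tuple (7, 60, 2)."""
    m = VERSION_RE.match(text.strip().lower())
    if not m:
        raise ValueError(f"unrecognised CodeMeter version string: {text!r}")
    major, minor, letter = m.groups()
    # Unlettered release ranks below any lettered build of the same number.
    letter_rank = 0 if letter is None else ord(letter) - ord("a") + 1
    return (int(major), int(minor), letter_rank)


def is_affected(version: str) -> bool:
    """True when the version is within the advisory's affected range (inclusive)."""
    return parse_version(version) <= parse_version(LAST_AFFECTED)


class Host(NamedTuple):
    name: str
    codemeter_version: str
    server_mode: bool   # assumed inventory field: CodeMeter configured as a server


def classify(host: Host) -> str:
    """Return 'remote', 'local', or 'not-affected' following the advisory's
    reasoning: remote reachability needs an affected version AND server mode."""
    if not is_affected(host.codemeter_version):
        return "not-affected"
    return "remote" if host.server_mode else "local"


def triage(hosts) -> dict:
    """Group hostnames by exposure class so 'remote' hosts are patched first."""
    out = {"remote": [], "local": [], "not-affected": []}
    for h in hosts:
        out[classify(h)].append(h.name)
    return out


# Constructed sample inventory; hostnames and versions are illustrative only.
SAMPLE_HOSTS = [
    Host("eng-ws-01", "7.60b", server_mode=False),
    Host("lic-srv-01", "7.60a", server_mode=True),
    Host("lic-srv-02", "7.60c", server_mode=True),
    Host("hmi-03", "7.40", server_mode=False),
    Host("sim-07", "8.00", server_mode=True),
]

if __name__ == "__main__":
    for cls, names in triage(SAMPLE_HOSTS).items():
        print(f"{cls:13s} {', '.join(names) or '-'}")
```

Hosts in the `local` class still need the fix; the split only orders the work, since the advisory states that without server mode an attacker needs local access first.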

[…]

This article has been indexed from All CISA Advisories