检测
分析学
西门斯核子基础APOGE和TALON产品误差终止
高位可租OT安全插件ID 500561
简表
远程OT资产受脆弱性影响描述性
A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4).FTP服务器不正确验证PWD/XPD命令长度,导致栈缓冲溢出可能导致拒绝服务条件和远程代码执行(FSMD-2021-0016)插件只对Tenable.ot工作
网站s/www.yyueer.com/products/tenable-ot获取更多信息
求解
下文原由网络安全基础设施安全局创建原创可见于CISA.gov西门子推荐下列具体变通和缓冲用户可应用来减少风险:
Desigo产品:更新至v6.3.0.016
APOGEPXC压缩和APOGEEPXC模版更新联系Siemens办公室支持
TALONTC契约(BACnet)、TALONTC模版(BACnet)、APOGEPXC契约(BACnet)和APOGEPXC模版(BACnet):
更新到 v3.5.4或后联系Siemens办公室支持
CVE-2021-31881、CVE-2021-31883、CVE-2021-31884:禁用DHCP客户端并代之使用静态IP配置
CVE-2021-31885、CVE-2021-31886、CVE-2021-3187、CVE-2021-31888:禁用FTP服务
西门子强烈建议保护网络访问带适当机制的受影响产品推荐安全实践运行设备
详情见Siemens安全咨询SSA-114589
并见
https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf
https://www.cisa.gov/news-events/ics-advisories/icsa-21-313-03
https://www.cisa.gov/news-events/ics-advisories/icsa-21-315-07
插件细节
严重性 :高位
身份证 :500561
版本化 :1.5
类型 :远程
家庭问题 :可调用.ot
发布 :2/7/2022
更新 :8/62023
风险信息
VPR
风险因子 :中度
分数 :5点9分
CVSS v2
风险因子 :中度
基础评分 :6.5
向量 :CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS评分源 :CVE202131887
CVSSv3
风险因子 :高位
基础评分 :8.8
向量 :CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞信息
CPE系统 :cpe:/o:siemens:apogee_modular_building_controller_firmware,cpe:/o:siemens:apogee_modular_equiment_controller_firmware,cpe:/o:siemens:desigo_pxc00-e.d_firmware,cpe:/o:siemens:desigo_pxc00-u_firmware,cpe:/o:siemens:desigo_pxc001-e.d_firmware,cpe:/o:siemens:desigo_pxc100-e.d_firmware,cpe:/o:siemens:desigo_pxc12-e.d_firmware,cpe:/o:siemens:desigo_pxc128-u_firmware,cpe:/o:siemens:desigo_pxc200-e.d_firmware,cpe:/o:siemens:desigo_pxc22-e.d_firmware,cpe:/o:siemens:desigo_pxc22.1-e.d_firmware,cpe:/o:siemens:desigo_pxc36.1-e.d_firmware,cpe:/o:siemens:desigo_pxc50-e.d_firmware,cpe:/o:siemens:desigo_pxc64-u_firmware,cpe:/o:siemens:desigo_pxm20-e_firmware,cpe:/o:siemens:apogee_pxc_compact_firmware:::~~bacnet~~~,cpe:/o:siemens:apogee_pxc_compact_firmware:::~~p2_ethernet~~~,cpe:/o:siemens:apogee_pxc_modular_firmware:::~~bacnet~~~,cpe:/o:siemens:apogee_pxc_modular_firmware:::~~p2_ethernet~~~
需要kb项 :Tenable.ot/Siemens
开发易斯 :无已知利用
补丁发布日期 :11/9/2021
漏洞发布日期 :11/9/2021
参考信息
CVE系统 :CVE202131887
CWE系统 :170