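Siemens Nucleus-based APOGEE and TALON Products Improper Restriction of Operations within the Bounds of a Memory Buffer

High Tenable OT Security Plugin ID 500563

Synopsis

The remote OT asset is affected by a vulnerability.

Description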

A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). When processing a DHCP ACK message, the DHCP client application does not validate the length of the Vendor option(s), leading to Denial-of-Service conditions. (FSMD-2021-0013)
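
The flaw class described above is a length byte taken from the network and used without checking it. The following C code is an added example, not Siemens or Nucleus code: the function names, error codes, the 64-byte buffer size and the sample byte arrays are all assumptions made for illustration. It walks the options area of a DHCP ACK and checks each option length against both the remaining packet bytes and the destination buffer before copying the vendor option (option 43).

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Added illustration, not Nucleus NET code; all names are hypothetical. */
#define OPT_PAD        0
#define OPT_VENDOR     43    /* Vendor Specific Information (RFC 2132) */
#define OPT_END        255
#define VENDOR_BUF_MAX 64    /* assumed size of the client's storage */

enum { ERR_TRUNCATED = -1, ERR_TOO_LONG = -2, ERR_NO_END = -3 };

/* Walk the options area of a DHCP ACK (the bytes after the magic cookie) and
 * copy option 43 into out[]. Returns the number of vendor bytes copied, or a
 * negative ERR_* code. Each length byte is checked against the bytes left in
 * the packet and the space left in out[] before anything is copied. */
int dhcp_copy_vendor_option(const uint8_t *opts, size_t opts_len,
                            uint8_t out[VENDOR_BUF_MAX])
{
    size_t i = 0, used = 0;
    while (i < opts_len) {
        uint8_t code = opts[i++];
        if (code == OPT_PAD) continue;
        if (code == OPT_END) return (int)used;
        if (i >= opts_len) return ERR_TRUNCATED;       /* length byte missing */
        size_t len = opts[i++];
        if (len > opts_len - i) return ERR_TRUNCATED;  /* value runs past packet */
        if (code == OPT_VENDOR) {
            if (len > VENDOR_BUF_MAX - used) return ERR_TOO_LONG;
            memcpy(out + used, opts + i, len);
            used += len;   /* repeated instances concatenate (RFC 3396) */
        }
        i += len;
    }
    return ERR_NO_END;     /* strict choice: require the end option (255) */
}

/* Constructed option areas for demonstration (not captured traffic). */
static const uint8_t ACK_GOOD[]  = { 53, 1, 5, 43, 3, 'a', 'b', 'c', 255 };
static const uint8_t ACK_SHORT[] = { 53, 1, 5, 43, 200, 'a', 'b', 255 };
static const uint8_t ACK_BIG[70] = { 43, 65 };  /* 65 > VENDOR_BUF_MAX */

/* Verdict-only wrapper using a scratch buffer. */
int dhcp_vendor_status(const uint8_t *opts, size_t opts_len)
{
    uint8_t scratch[VENDOR_BUF_MAX];
    return dhcp_copy_vendor_option(opts, opts_len, scratch);
}
```

A message that fails any check is dropped as a whole rather than partially applied, so a malformed ACK cannot leave the client holding a half-copied option.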

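This plugin only works with Tenable.ot.
Visit https://www.yyueer.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Siemens recommends the following specific workarounds and mitigations users can apply to reduce risk:

Desigo products: Update to v6.3.0.016
APOGEE PXC Compact and APOGEE PXC Modular: For updates, contact a Siemens office for support
TALON TC Compact (BACnet), TALON TC Modular (BACnet), APOGEE PXC Compact (BACnet), and APOGEE PXC Modular (BACnet):
Update to v3.5.4 or later; contact a Siemens office for support

CVE-2021-31881, CVE-2021-31883, CVE-2021-31884: Disable the DHCP client and use static IP configuration instead
CVE-2021-31885, CVE-2021-31886, CVE-2021-3187, CVE-2021-31888: Disable the FTP service

Siemens strongly recommends protecting network access to the affected products with appropriate mechanisms and following recommended security practices when operating the devices.

For more information, see Siemens Security Advisory SSA-114589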

See Also

https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf

https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf

https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf

https://www.cisa.gov/news-events/ics-advisories/icsa-21-313-03

https://www.cisa.gov/news-events/ics-advisories/icsa-21-315-07

Plugin Details

Severity: High

ID: 50563

Version: 1.4

Type: remote

Family: Tenable.ot

Published: 2/7/2022

Updated: 8/6/2023

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2021-31883

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: cpe:/o:siemens:apogee_modular_building_controller_firmware,cpe:/o:siemens:apogee_modular_equiment_controller_firmware,cpe:/o:siemens:apogee_pxc_compact_firmware,cpe:/o:siemens:apogee_pxc_modular_firmware

Required KB Items: Tenable.ot/Siemens

Exploit Ease: No known exploits are available

Patch Publication Date: 11/9/2021

Vulnerability Publication Date: 11/9/2021

Reference Information

CVE: CVE-2021-31883

CWE: 119
