CVE-2021-42029

Summary

CVE	CVE-2021-42029
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-04-12 09:15:00 UTC
Updated	2022-08-09 00:31:00 UTC
Description	A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 5), SIMATIC STEP 7 (TIA Portal) V17 (All versions < V17 Update 2). An attacker could achieve privilege escalation on the web server of certain devices due to improper access control vulnerability in the engineering system software. The attacker needs to have direct access to the impacted web server.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Siemens	Simatic S7-1200 Cpu	-	All	All	All
Hardware	Siemens	Simatic S7-1200 Cpu 1211c	-	All	All	All
Hardware	Siemens	Simatic S7-1200 Cpu 1212c	-	All	All	All
Hardware	Siemens	Simatic S7-1200 Cpu 1212fc	-	All	All	All
Hardware	Siemens	Simatic S7-1200 Cpu 1214c	-	All	All	All
Hardware	Siemens	Simatic S7-1200 Cpu 1214fc	-	All	All	All
Hardware	Siemens	Simatic S7-1200 Cpu 1214 Fc	-	All	All	All
Hardware	Siemens	Simatic S7-1200 Cpu 1215c	-	All	All	All
Hardware	Siemens	Simatic S7-1200 Cpu 1215fc	-	All	All	All
Hardware	Siemens	Simatic S7-1200 Cpu 1215 Fc	-	All	All	All
Hardware	Siemens	Simatic S7-1200 Cpu 1217c	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1507s	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1507s F	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1508s	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1508s F	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1510sp	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1510sp-1	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1511-1	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1511-1 Pn	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1511c	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1511c-1	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1511f-1	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1511f-1 Pn	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1511t-1	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1511tf-1	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1512c	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1512c-1	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1512sp-1	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1512spf-1	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1513-1	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1513-1 Pn	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1513f-1	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1513f-1 Pn	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1513r-1	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1515-2	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1515-2 Pn	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1515f-2	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1515f-2 Pn	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1515r-2	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1515t-2	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1515tf-2	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1516-3	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1516-3 Dp	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1516-3 Pn	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1516-3 Pn/dp	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1516f-3	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1516f-3 Pn/dp	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1516pro-2	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1516pro F	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1516t-3	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1516tf-3	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1517-3	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1517-3 Dp	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1517-3 Pn	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1517-3 Pn/dp	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1517f-3	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1517f-3 Pn/dp	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1517tf-3	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1518	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1518-4	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1518-4 Dp	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1518-4 Pn	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1518-4 Pn/dp	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1518-4 Pn/dp Mfp	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1518f-4	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1518f-4 Pn/dp	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1518hf-4	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1518t-4	-	All	All	All
Hardware	Siemens	Simatic S7-1500 Cpu 1518tf-4	-	All	All	All
Application	Siemens	Simatic Step 7	All	All	All	All
Application	Siemens	Simatic Step 7	16	-	All	All
Application	Siemens	Simatic Step 7	16	update1	All	All
Application	Siemens	Simatic Step 7	16	update2	All	All
Application	Siemens	Simatic Step 7	16	update3	All	All
Application	Siemens	Simatic Step 7	16	update4	All	All
Application	Siemens	Simatic Step 7	17	-	All	All
Application	Siemens	Simatic Step 7	17	update1	All	All

References

Reference	Source	Link	Tags
N/A	CONFIRM	cert-portal.siemens.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

591128 Siemens SIMATIC STEP 7 TIA Portal Improper Access Control Vulnerability (SSA-350757)