QID 591199

Date Published: 2022-11-25

QID 591199: Siemens PROFINET Stack Integrated on Interniche Stack (Update D) Vulnerability (ICSA-22-104-06, SSA-446448)

AFFECTED PRODUCTS

The following SIMATIC products are affected
CFU DIQ (6ES7655-5PX31-1XX0): All versions
CFU PA (6ES7655-5PX11-0XX0): All versions
ET200AL IM157-1 PN: All versions
ET200ecoPN, CM 8x IO-Link, M12-L (6ES7148-6JG00-0BB0): Versions 5.1.1 and later
ET200ecoPN, DI 8x24VDC, M12-L (6ES7141-6BG00-0BB0): Versions 5.1.1 and later
ET200ecoPN, DI 16x24VDC, M12-L (6ES7141-6BH00-0BB0): Versions 5.1.1 and later
ET200ecoPN, DIQ 16x24VDC/2A, M12-L (6ES7143-6BH00-0BB0): Versions 5.1.1 and later
ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (6ES7142-6BG00-0BB0): Versions 5.1.1 and later
ET200ecoPN, DQ 8x24VDC/2A, M12-L (6ES7142-6BR00-0BB0): Versions 5.1.1 and later
ET200MP IM155-5 PN HF (incl. SIPLUS variants): Versions 4.2 and later
ET200SP IM155-6 MF HF: All versions
ET200SP IM155-6 PN HA (incl. SIPLUS variants): All versions
ET200SP IM155-6 PN HF (incl. SIPLUS variants): Versions 4.2 and later
ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants): Versions 4.2 and later
ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants): Versions 4.2 and later
ET 200pro IM154-8 PN/DP CPU(6ES7154-8AB01-0AB0): All versions prior to V3.2.19
ET 200pro IM154-8F PN/DP CPU(6ES7154-8FB01-0AB0): All versions prior to V3.2.19
ET 200pro IM154-8FX PN/DP CPU(6ES7154-8FX00-0AB0): All versions prior to V3.2.19
ET 200S IM151-8 PN/DP CPU(6ES7151-8AB01-0AB0): All versions prior to V3.2.19
ET 200S IM151-8F PN/DP CPU(6ES7151-8FB01-0AB0): All versions prior to V3.2.19
PN/MF Coupler (6ES7158-3MU10-0XA0): All versions
PN/PN Coupler (6ES7158-3AD10-0XA0): Versions 4.2 and later
S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0): All versions prior to V3.3.19
S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0): All versions prior to V3.2.19
S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0): All versions prior to V3.2.19
S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0): All versions prior to V3.2.19
S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0): All versions prior to V3.2.19
S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0): All versions prior to V3.2.19
S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0): All versions prior to V3.2.19
S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0): All versions prior to V3.2.19
S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0): All versions prior to V3.2.19
S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0): All versions prior to V3.2.19
S7-400 H V6 CPU family (incl. SIPLUS variants): All versions prior to v6.0.10
S7-400 PN/DP V7 CPU family (incl. SIPLUS variants): All versions
S7-410 V8 CPU family (incl. SIPLUS variants): All versions prior to V8.2.3
S7-410 V8 CPU family (incl. SIPLUS variants): All versions
S7-410 V10 CPU family (incl. SIPLUS variants): All versions
S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants): All versions prior to v2.0.0
TDC CP51M1: All versions
TDC CPU555: All versions
WinAC RTX: All versions

The following SINAMICS products are affected
DCM: All versions with Ethernet interface
G110M: All versions with Ethernet interface
G115D: All versions with Ethernet interface
G120 (incl. SIPLUS variants): All versions with Ethernet interface
G130: All versions
G150: All versions
S110: All versions with Ethernet interface
S120 (incl. SIPLUS variants): All versions
S150: All versions
S210: All versions
V90: All versions with Ethernet interface
SIPLUS HCS4200 CIM4210 (6BK1942-1AA00-0AA0): All versions
SIPLUS HCS4200 CIM4210C (6BK1942-1AA00-0AA1): All versions
SIPLUS HCS4300 CIM4310 (6BK1943-1AA00-0AA0): All versions
SIPLUS NET PN/PN Coupler (6AG2158-3AD10-4XA0): Versions 4.2 and later

QID Detection Logic (Authenticated):
QID checks for the Vulnerable version of using passive scanning

Successful exploitation of this vulnerability could allow a denial-of-service condition.

  • CVSS V3 rated as High - 7.5 severity.
  • CVSS V2 rated as Medium - 5 severity.
  • Solution

    Customers are advised to refer to CERT MITIGATIONS section icsa-22-104-06 for affected packages and patching details.

    Vendor References

    CVEs related to QID 591199

    Software Advisories
    Advisory ID Software Component Link
    SSA-446448: URL Logo cert-portal.siemens.com/productcert/pdf/ssa-446448.pdf
    icsa-22-104-06 URL Logo www.cisa.gov/uscert/ics/advisories/icsa-22-104-06