Auth bypass in Siemens Simatic Drive Controller Family
CVE-2020-28397
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7 PLCSIM Advanced (All versions > V2 <…
Vulnerability class: Broken Access Control
EPSS: 0.002 (39.8th percentile)
Affected products
- Siemens SIMATIC Drive Controller family: all versions < V2.9.2
- Siemens SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants): all versions < V21.9
- Siemens SIMATIC S7-1200 CPU family (incl. SIPLUS variants): version V4.4
- Siemens SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants): all versions > V2.5 < V2.9.2
- Siemens SIMATIC S7-1500 Software Controller: all versions > V2.5 < V21.9
- Siemens SIMATIC S7 PLCSIM Advanced: all versions > V2 < V4
- Siemens TIM 1531 IRC (incl. SIPLUS NET variants): version V2.1
Weakness classification (CWE)
References
- cert-portal.siemens.com/productcert/pdf/ssa-865327.pdf (x_refsource_MISC)