CVE-2021-31894

HIGH | CVSS 8.8/10 | EPSS 0.23%

CVE-2021-31894 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). A directory containing metafiles relevant to devices' configurations has write permissions. EPSS estimates a 0.23% chance of exploitation in the next 30 days.

Description

A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). A directory containing metafiles relevant to devices' configurations has write permissions. An attacker could leverage this vulnerability by changing the content of certain metafiles and subsequently manipulate parameters or behavior of devices that would be later configured by the affected software.

Metrics

CVSS 3.1
8.8/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS Probability
0.23%

13.4th percentile

Probability of exploitation in the next 30 days.

Weakness Enumeration

Affected Software

| Vendor | Product | Versions |
|---|---|---|
| Siemens | Simatic Pcs 7 Firmware | <= 8.2 |
| Siemens | Simatic Pcs 7 Firmware | 9.0 |
| Siemens | Simatic Pdm Firmware | All versions |
| Siemens | Simatic Step 7 Firmware | >= 5.0, < 5.7 |
| Siemens | Sinamics Starter Firmware | < 5.4 |
| Siemens | Sinamics Starter Firmware | 5.4 |

References

Timeline

Published
Last Modified
Status: Modified

Frequently Asked Questions

What is CVE-2021-31894?
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). A directory containing metafiles relevant to devices' configurations has write permissions. An attacker could leverage this vulnerability by changing the content of certain metafiles and subsequently manipulate parameters or behavior of devices that would be later configured by the affected software.
How severe is CVE-2021-31894?
CVE-2021-31894 has a CVSS score of 8.8/10 (HIGH severity). The EPSS model estimates a 0.23% probability of exploitation in the next 30 days.
How do I fix CVE-2021-31894?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Source: NVD / NIST