SB2021091614 - Multiple vulnerabilities in Siemens SINEMA Remote Connect Server

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2021091614

SB2021091614 - Multiple vulnerabilities in Siemens SINEMA Remote Connect Server

Published: September 16, 2021

Security Bulletin ID SB2021091614
Severity
Low
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Adjecent network
Highest impact Data manipulation

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Modification of assumed-immutable data (CVE-ID: CVE-2021-37177)

The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability exists due to application does not perform validation of the attacker-controlled data, assuming that data is valid and safe. A remote attacker on the local network can manipulate with the status provided by the syslog clients managed by the affected software.


2) Improper access control (CVE-ID: CVE-2021-37183)

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to the affected software allows sending send-to-sleep notifications to the managed devices. A remote attacker on the local network can cause a denial of service condition on the target system.


3) Information disclosure (CVE-ID: CVE-2021-37190)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A remote attacker on the local network can gain unauthorized access to sensitive information on the system.


4) Improper control of interaction frequency (CVE-ID: CVE-2021-37191)

The vulnerability allows a remote attacker to gain access to sensitive information on the target system.

The vulnerability exists due to the affected software lacks brute force protection. A remote attacker on the local network can brute force the usernames from the affected software.


5) Information disclosure (CVE-ID: CVE-2021-37192)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A remote attacker on the local network can gain unauthorized access to sensitive information on the system.


6) Modification of assumed-immutable data (CVE-ID: CVE-2021-37193)

The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability exists due to application does not perform validation of the attacker-controlled data, assuming that data is valid and safe. A remote attacker on the local network can manipulate certain parameters and set a valid user of the affected software as invalid (or vice-versa).


Remediation

Install update from vendor's website.

References