Multiple vulnerabilities in Siemens SIMATIC RFID Readers



Risk: Medium
Patch available: YES
Number of vulnerabilities: 6
CVE-ID: CVE-2024-37990, CVE-2024-37991, CVE-2024-37992, CVE-2024-37993, CVE-2024-37994, CVE-2024-37995
CWE-ID: CWE-912, CWE-200, CWE-703, CWE-284
Exploitation vector: Network
Public exploit: N/A
Vulnerable software
SIMATIC RF166C
Server applications / SCADA systems

SIMATIC RF185C
Hardware solutions / Routers & switches, VoIP, GSM, etc

SIMATIC RF186C
Hardware solutions / Routers & switches, VoIP, GSM, etc

SIMATIC RF186CI
Hardware solutions / Routers & switches, VoIP, GSM, etc

SIMATIC RF188C
Hardware solutions / Routers & switches, VoIP, GSM, etc

SIMATIC RF188CI
Hardware solutions / Routers & switches, VoIP, GSM, etc

SIMATIC Reader RF610R CMIIT
Hardware solutions / Firmware

SIMATIC Reader RF610R ETSI
Hardware solutions / Firmware

SIMATIC Reader RF610R FCC
Hardware solutions / Firmware

SIMATIC Reader RF615R CMIIT
Hardware solutions / Firmware

SIMATIC Reader RF615R ETSI
Hardware solutions / Firmware

SIMATIC Reader RF615R FCC
Hardware solutions / Firmware

SIMATIC Reader RF650R ARIB
Hardware solutions / Firmware

SIMATIC Reader RF650R CMIIT
Hardware solutions / Firmware

SIMATIC Reader RF650R ETSI
Hardware solutions / Firmware

SIMATIC Reader RF650R FCC
Hardware solutions / Firmware

SIMATIC Reader RF680R ARIB
Hardware solutions / Firmware

SIMATIC Reader RF680R CMIIT
Hardware solutions / Firmware

SIMATIC Reader RF680R ETSI
Hardware solutions / Firmware

SIMATIC Reader RF680R FCC
Hardware solutions / Firmware

SIMATIC Reader RF685R ARIB
Hardware solutions / Firmware

SIMATIC Reader RF685R CMIIT
Hardware solutions / Firmware

SIMATIC Reader RF685R ETSI
Hardware solutions / Firmware

SIMATIC Reader RF685R FCC
Hardware solutions / Firmware

SIMATIC RF1140R
Hardware solutions / Firmware

SIMATIC RF1170R
Hardware solutions / Firmware

SIMATIC RF360R
Hardware solutions / Firmware

Vendor: Siemens

Security Bulletin

This security bulletin contains information about 6 vulnerabilities.

1) Hidden functionality

EUVDB-ID: #VU97148

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-37990

CWE-ID: CWE-912 - Hidden Functionality (Backdoor)

Exploit availability: No

Description

The vulnerability allows a remote user to compromise the vulnerable system.

The vulnerability exists because the affected applications contain configuration files that can be modified. A remote administrator can modify these files and enable features that are not released for this device.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

SIMATIC RF166C: before 2.2

SIMATIC RF185C: before 2.2

SIMATIC RF186C: before 2.2

SIMATIC RF186CI: before 2.2

SIMATIC RF188C: before 2.2

SIMATIC RF188CI: before 2.2

SIMATIC Reader RF610R CMIIT: before 4.2

SIMATIC Reader RF610R ETSI: before 4.2

SIMATIC Reader RF610R FCC: before 4.2

SIMATIC Reader RF615R CMIIT: before 4.2

SIMATIC Reader RF615R ETSI: before 4.2

SIMATIC Reader RF615R FCC: before 4.2

SIMATIC Reader RF650R ARIB: before 4.2

SIMATIC Reader RF650R CMIIT: before 4.2

SIMATIC Reader RF650R ETSI: before 4.2

SIMATIC Reader RF650R FCC: before 4.2

SIMATIC Reader RF680R ARIB: before 4.2

SIMATIC Reader RF680R CMIIT: before 4.2

SIMATIC Reader RF680R ETSI: before 4.2

SIMATIC Reader RF680R FCC: before 4.2

SIMATIC Reader RF685R ARIB: before 4.2

SIMATIC Reader RF685R CMIIT: before 4.2

SIMATIC Reader RF685R ETSI: before 4.2

SIMATIC Reader RF685R FCC: before 4.2

SIMATIC RF1140R: before 1.1

SIMATIC RF1170R: before 1.1

SIMATIC RF360R: before 2.2

External links

http://cert-portal.siemens.com/productcert/html/ssa-765405.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Information disclosure

EUVDB-ID: #VU97149

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-37991

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists because the service log files of the affected application can be accessed without proper authentication. A remote attacker can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

SIMATIC RF166C: before 2.2

SIMATIC RF185C: before 2.2

SIMATIC RF186C: before 2.2

SIMATIC RF186CI: before 2.2

SIMATIC RF188C: before 2.2

SIMATIC RF188CI: before 2.2

SIMATIC Reader RF610R CMIIT: before 4.2

SIMATIC Reader RF610R ETSI: before 4.2

SIMATIC Reader RF610R FCC: before 4.2

SIMATIC Reader RF615R CMIIT: before 4.2

SIMATIC Reader RF615R ETSI: before 4.2

SIMATIC Reader RF615R FCC: before 4.2

SIMATIC Reader RF650R ARIB: before 4.2

SIMATIC Reader RF650R CMIIT: before 4.2

SIMATIC Reader RF650R ETSI: before 4.2

SIMATIC Reader RF650R FCC: before 4.2

SIMATIC Reader RF680R ARIB: before 4.2

SIMATIC Reader RF680R CMIIT: before 4.2

SIMATIC Reader RF680R ETSI: before 4.2

SIMATIC Reader RF680R FCC: before 4.2

SIMATIC Reader RF685R ARIB: before 4.2

SIMATIC Reader RF685R CMIIT: before 4.2

SIMATIC Reader RF685R ETSI: before 4.2

SIMATIC Reader RF685R FCC: before 4.2

SIMATIC RF1140R: before 1.1

SIMATIC RF1170R: before 1.1

SIMATIC RF360R: before 2.2

External links

http://cert-portal.siemens.com/productcert/html/ssa-765405.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper Check or Handling of Exceptional Conditions

EUVDB-ID: #VU97151

Risk: Low

CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-37992

CWE-ID: CWE-703 - Improper Check or Handling of Exceptional Conditions

Exploit availability: No

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists because the affected devices do not properly handle the error that occurs when the character limit is exceeded while setting SNMP. A remote administrator can restart the target application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

SIMATIC RF166C: before 2.2

SIMATIC RF185C: before 2.2

SIMATIC RF186C: before 2.2

SIMATIC RF186CI: before 2.2

SIMATIC RF188C: before 2.2

SIMATIC RF188CI: before 2.2

SIMATIC Reader RF610R CMIIT: before 4.2

SIMATIC Reader RF610R ETSI: before 4.2

SIMATIC Reader RF610R FCC: before 4.2

SIMATIC Reader RF615R CMIIT: before 4.2

SIMATIC Reader RF615R ETSI: before 4.2

SIMATIC Reader RF615R FCC: before 4.2

SIMATIC Reader RF650R ARIB: before 4.2

SIMATIC Reader RF650R CMIIT: before 4.2

SIMATIC Reader RF650R ETSI: before 4.2

SIMATIC Reader RF650R FCC: before 4.2

SIMATIC Reader RF680R ARIB: before 4.2

SIMATIC Reader RF680R CMIIT: before 4.2

SIMATIC Reader RF680R ETSI: before 4.2

SIMATIC Reader RF680R FCC: before 4.2

SIMATIC Reader RF685R ARIB: before 4.2

SIMATIC Reader RF685R CMIIT: before 4.2

SIMATIC Reader RF685R ETSI: before 4.2

SIMATIC Reader RF685R FCC: before 4.2

SIMATIC RF1140R: before 1.1

SIMATIC RF1170R: before 1.1

SIMATIC RF360R: before 2.2

External links

http://cert-portal.siemens.com/productcert/html/ssa-765405.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper access control

EUVDB-ID: #VU97152

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-37993

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists because the affected applications do not authenticate the creation of Ajax2App instances. A remote attacker can bypass implemented security restrictions and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

SIMATIC RF166C: before 2.2

SIMATIC RF185C: before 2.2

SIMATIC RF186C: before 2.2

SIMATIC RF186CI: before 2.2

SIMATIC RF188C: before 2.2

SIMATIC RF188CI: before 2.2

SIMATIC Reader RF610R CMIIT: before 4.2

SIMATIC Reader RF610R ETSI: before 4.2

SIMATIC Reader RF610R FCC: before 4.2

SIMATIC Reader RF615R CMIIT: before 4.2

SIMATIC Reader RF615R ETSI: before 4.2

SIMATIC Reader RF615R FCC: before 4.2

SIMATIC Reader RF650R ARIB: before 4.2

SIMATIC Reader RF650R CMIIT: before 4.2

SIMATIC Reader RF650R ETSI: before 4.2

SIMATIC Reader RF650R FCC: before 4.2

SIMATIC Reader RF680R ARIB: before 4.2

SIMATIC Reader RF680R CMIIT: before 4.2

SIMATIC Reader RF680R ETSI: before 4.2

SIMATIC Reader RF680R FCC: before 4.2

SIMATIC Reader RF685R ARIB: before 4.2

SIMATIC Reader RF685R CMIIT: before 4.2

SIMATIC Reader RF685R ETSI: before 4.2

SIMATIC Reader RF685R FCC: before 4.2

SIMATIC RF1140R: before 1.1

SIMATIC RF1170R: before 1.1

SIMATIC RF360R: before 2.2

External links

http://cert-portal.siemens.com/productcert/html/ssa-765405.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Hidden functionality

EUVDB-ID: #VU97159

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-37994

CWE-ID: CWE-912 - Hidden Functionality (Backdoor)

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the vulnerable system.

The vulnerability exists because the affected application contains a hidden configuration item to enable debug functionality. A remote user can gain insight into the internal configuration of the deployment.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

SIMATIC RF166C: before 2.2

SIMATIC RF185C: before 2.2

SIMATIC RF186C: before 2.2

SIMATIC RF186CI: before 2.2

SIMATIC RF188C: before 2.2

SIMATIC RF188CI: before 2.2

SIMATIC Reader RF610R CMIIT: before 4.2

SIMATIC Reader RF610R ETSI: before 4.2

SIMATIC Reader RF610R FCC: before 4.2

SIMATIC Reader RF615R CMIIT: before 4.2

SIMATIC Reader RF615R ETSI: before 4.2

SIMATIC Reader RF615R FCC: before 4.2

SIMATIC Reader RF650R ARIB: before 4.2

SIMATIC Reader RF650R CMIIT: before 4.2

SIMATIC Reader RF650R ETSI: before 4.2

SIMATIC Reader RF650R FCC: before 4.2

SIMATIC Reader RF680R ARIB: before 4.2

SIMATIC Reader RF680R CMIIT: before 4.2

SIMATIC Reader RF680R ETSI: before 4.2

SIMATIC Reader RF680R FCC: before 4.2

SIMATIC Reader RF685R ARIB: before 4.2

SIMATIC Reader RF685R CMIIT: before 4.2

SIMATIC Reader RF685R ETSI: before 4.2

SIMATIC Reader RF685R FCC: before 4.2

SIMATIC RF1140R: before 1.1

SIMATIC RF1170R: before 1.1

SIMATIC RF360R: before 2.2

External links

http://cert-portal.siemens.com/productcert/html/ssa-765405.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Improper Check or Handling of Exceptional Conditions

EUVDB-ID: #VU97160

Risk: Low

CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-37995

CWE-ID: CWE-703 - Improper Check or Handling of Exceptional Conditions

Exploit availability: No

Description

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists because the affected application improperly handles an error during a faulty certificate upload, which causes the application to crash. A remote administrator can disclose sensitive information.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

SIMATIC RF166C: before 2.2

SIMATIC RF185C: before 2.2

SIMATIC RF186C: before 2.2

SIMATIC RF186CI: before 2.2

SIMATIC RF188C: before 2.2

SIMATIC RF188CI: before 2.2

SIMATIC Reader RF610R CMIIT: before 4.2

SIMATIC Reader RF610R ETSI: before 4.2

SIMATIC Reader RF610R FCC: before 4.2

SIMATIC Reader RF615R CMIIT: before 4.2

SIMATIC Reader RF615R ETSI: before 4.2

SIMATIC Reader RF615R FCC: before 4.2

SIMATIC Reader RF650R ARIB: before 4.2

SIMATIC Reader RF650R CMIIT: before 4.2

SIMATIC Reader RF650R ETSI: before 4.2

SIMATIC Reader RF650R FCC: before 4.2

SIMATIC Reader RF680R ARIB: before 4.2

SIMATIC Reader RF680R CMIIT: before 4.2

SIMATIC Reader RF680R ETSI: before 4.2

SIMATIC Reader RF680R FCC: before 4.2

SIMATIC Reader RF685R ARIB: before 4.2

SIMATIC Reader RF685R CMIIT: before 4.2

SIMATIC Reader RF685R ETSI: before 4.2

SIMATIC Reader RF685R FCC: before 4.2

SIMATIC RF1140R: before 1.1

SIMATIC RF1170R: before 1.1

SIMATIC RF360R: before 2.2

External links

http://cert-portal.siemens.com/productcert/html/ssa-765405.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


