Multiple vulnerabilities in Siemens Siveillance Identity



Risk Medium
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2021-44522
CVE-2021-44523
CVE-2021-44524
CWE-ID N/A
Exploitation vector Network
Public exploit N/A
Vulnerable software
 Siveillance Identity
Server applications / SCADA systems

Vendor Siemens

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Exposure of Resource to Wrong Sphere

EUVDB-ID: #VU59239

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-44522

CWE-ID: N/A

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the system.

The vulnerability exists due to the affected applications insufficiently limit the access to the internal message broker system. A remote attacker can subscribe to arbitrary message queues.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Siveillance Identity: 1.5 - 1.6

CPE2.3 External links

https:
https://cert-portal.siemens.com/productcert/pdf/ssa-463116.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Exposure of Resource to Wrong Sphere

EUVDB-ID: #VU59243

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-44523

CWE-ID: N/A

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the system.

The vulnerability exists due to the affected applications insufficiently limit the access to the internal activity feed database. A remote attacker can read, modify or delete activity feed entries.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Siveillance Identity: 1.5 - 1.6

CPE2.3 External links

https:
https://cert-portal.siemens.com/productcert/pdf/ssa-463116.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Exposure of Resource to Wrong Sphere

EUVDB-ID: #VU59244

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-44524

CWE-ID: N/A

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the system.

The vulnerability exists due to the affected applications insufficiently limit the access to the internal user authentication service. A remote attacker can trigger several actions on behalf of valid user.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Siveillance Identity: 1.5 - 1.6

CPE2.3 External links

https:
https://cert-portal.siemens.com/productcert/pdf/ssa-463116.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###