CVE-2024-37990

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications contain configuration files which can be modified. An attacker with privilege access can modify these files and enable features that are not released for this device.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://cert-portal.siemens.com/productcert/html/ssa-765405.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-09-10 10:15

Updated : 2024-09-18 15:27

NVD link : CVE-2024-37990

Mitre link : CVE-2024-37990

CVE.ORG link : CVE-2024-37990

JSON object : View

Products Affected

siemens

simatic_reader_rf680r_arib
simatic_reader_rf615r_cmiit_firmware
simatic_reader_rf610r_etsi_firmware
simatic_reader_rf615r_etsi_firmware
simatic_reader_rf685r_arib_firmware
simatic_rf188ci_firmware
simatic_reader_rf650r_arib_firmware
simatic_reader_rf650r_arib
simatic_rf186ci
simatic_reader_rf685r_etsi
simatic_reader_rf610r_fcc
simatic_reader_rf650r_etsi
simatic_reader_rf615r_fcc_firmware
simatic_reader_rf650r_cmiit_firmware
simatic_reader_rf685r_fcc
simatic_reader_rf680r_etsi_firmware
simatic_rf1140r_firmware
simatic_rf188c
simatic_rf166c
simatic_reader_rf680r_cmiit_firmware
simatic_reader_rf680r_cmiit
simatic_reader_rf615r_etsi
simatic_rf1140r
simatic_reader_rf650r_etsi_firmware
simatic_reader_rf685r_arib
simatic_reader_rf615r_cmiit
simatic_reader_rf685r_cmiit_firmware
simatic_reader_rf680r_etsi
simatic_rf186c_firmware
simatic_reader_rf685r_etsi_firmware
simatic_reader_rf610r_fcc_firmware
simatic_rf188c_firmware
simatic_rf186c
simatic_reader_rf650r_fcc_firmware
simatic_reader_rf680r_fcc
simatic_reader_rf610r_cmiit_firmware
simatic_reader_rf610r_etsi
simatic_rf188ci
simatic_reader_rf650r_fcc
simatic_rf186ci_firmware
simatic_rf360r_firmware
simatic_rf360r
simatic_rf1170r_firmware
simatic_rf185c_firmware
simatic_reader_rf680r_fcc_firmware
simatic_reader_rf685r_cmiit
simatic_reader_rf650r_cmiit
simatic_reader_rf610r_cmiit
simatic_reader_rf615r_fcc
simatic_rf185c
simatic_rf166c_firmware
simatic_rf1170r
simatic_reader_rf680r_arib_firmware
simatic_reader_rf685r_fcc_firmware

CWE

CWE-912

Hidden Functionality

NVD-CWE-Other

6.5 /10