CVE-2020-15798 : A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS

A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V16 Update 3a), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 3a), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). Affected devices with enabled telnet service do not require authentication for this service. This could allow a remote attacker to gain full access to the device. (ZDI-CAN-12046)

Published 2021-02-09 17:15:13

Updated 2022-10-19 19:39:10

Source Siemens AG

View at NVD, CVE.org

Products affected by CVE-2020-15798

Siemens » Simatic Hmi Comfort Panels Firmware
Versions before (<) 16.0
cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic Hmi Comfort Panels » Version: N/A
Siemens » Simatic Hmi Comfort Panels Firmware » Version: 16.0
cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:16.0:-:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic Hmi Comfort Panels » Version: N/A
Siemens » Simatic Hmi Comfort Panels Firmware » Version: 16.0 Update Update1
cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:16.0:update1:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic Hmi Comfort Panels » Version: N/A
Siemens » Simatic Hmi Comfort Panels Firmware » Version: 16.0 Update Update2
cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:16.0:update2:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic Hmi Comfort Panels » Version: N/A
Siemens » Simatic Hmi Comfort Panels Firmware » Version: 16.0 Update Update3
cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:16.0:update3:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic Hmi Comfort Panels » Version: N/A
Siemens » Sinamics Gh150 Firmware » Version: N/A
cpe:2.3:o:siemens:sinamics_gh150_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Sinamics Gh150 » Version: N/A
Siemens » Sinamics Gl150 Firmware » Version: N/A
cpe:2.3:o:siemens:sinamics_gl150_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Sinamics Gl150 » Version: N/A
Siemens » Sinamics Gm150 Firmware » Version: N/A
cpe:2.3:o:siemens:sinamics_gm150_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Sinamics Gm150 » Version: N/A
Siemens » Sinamics Sl150 Firmware » Version: N/A
cpe:2.3:o:siemens:sinamics_sl150_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Sinamics Sl150 » Version: N/A
Siemens » Sinamics Sm120 Firmware » Version: N/A
cpe:2.3:o:siemens:sinamics_sm120_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Sinamics Sm120 » Version: N/A
Siemens » Simatic Hmi Ktp Mobile Panels Firmware
Versions before (<) 16.0
cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic Hmi Ktp Mobile Panels » Version: N/A
Siemens » Simatic Hmi Ktp Mobile Panels Firmware » Version: 16.0
cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:16.0:-:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic Hmi Ktp Mobile Panels » Version: N/A
Siemens » Simatic Hmi Ktp Mobile Panels Firmware » Version: 16.0 Update Update1
cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:16.0:update1:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic Hmi Ktp Mobile Panels » Version: N/A
Siemens » Simatic Hmi Ktp Mobile Panels Firmware » Version: 16.0 Update Update2
cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:16.0:update2:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic Hmi Ktp Mobile Panels » Version: N/A
Siemens » Simatic Hmi Ktp Mobile Panels Firmware » Version: 16.0 Update Update3
cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:16.0:update3:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Simatic Hmi Ktp Mobile Panels » Version: N/A
Siemens » Sinamics Sm150 Firmware » Version: N/A
cpe:2.3:o:siemens:sinamics_sm150_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Sinamics Sm150 » Version: N/A
Siemens » Sinamics Sh150 Firmware » Version: N/A
cpe:2.3:o:siemens:sinamics_sh150_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Sinamics Sh150 » Version: N/A
Siemens » Sinamics Sm150i Firmware » Version: N/A
cpe:2.3:o:siemens:sinamics_sm150i_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Sinamics Sm150i » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2020-15798

EPSS FAQ

1.18%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 77 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2020-15798

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2020-15798

CWE-306 Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Assigned by:
- nvd@nist.gov (Secondary)
- productcert@siemens.com (Primary)

References for CVE-2020-15798

https://cert-portal.siemens.com/productcert/pdf/ssa-520004.pdf

Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-752103.pdf

Patch;Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-033-02

Siemens SIMATIC HMI Comfort Panels & SIMATIC HMI KTP Mobile Panels | CISA
Third Party Advisory;US Government Resource

Jump to

Vulnerability Details : CVE-2020-15798

Products affected by CVE-2020-15798

Exploit prediction scoring system (EPSS) score for CVE-2020-15798

CVSS scores for CVE-2020-15798

CWE ids for CVE-2020-15798

References for CVE-2020-15798