cvelistv5 - cve-2023-51438

CVE-2023-51438 (GCVE-0-2023-51438)

Vulnerability from cvelistv5

Published

2024-01-09 10:00

Modified

2025-05-22 17:57

Severity ?

10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C

CWE

CWE-20 - Improper Input Validation

Summary

A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC647E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC847E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows). In default installations of maxView Storage Manager where Redfish® server is configured for remote system management, a vulnerability has been identified that can provide unauthorized access.

References

URL

Tags

https://cert-portal.siemens.com/productcert/pdf/ssa-702935.pdf

Impacted products

Vendor

Product

Version

Siemens

SIMATIC IPC1047E

Version: All versions with maxView Storage Manager < V4.14.00.26068 on Windows

	Siemens	SIMATIC IPC647E	Version: All versions with maxView Storage Manager < V4.14.00.26068 on Windows
	Siemens	SIMATIC IPC847E	Version: All versions with maxView Storage Manager < V4.14.00.26068 on Windows

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T22:32:09.431Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-702935.pdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-51438",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-22T17:51:00.924153Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-22T17:57:26.766Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC IPC1047E",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions with maxView Storage Manager \u003c V4.14.00.26068 on Windows"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC IPC647E",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions with maxView Storage Manager \u003c V4.14.00.26068 on Windows"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC IPC847E",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions with maxView Storage Manager \u003c V4.14.00.26068 on Windows"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage Manager \u003c V4.14.00.26068 on Windows), SIMATIC IPC647E (All versions with maxView Storage Manager \u003c V4.14.00.26068 on Windows), SIMATIC IPC847E (All versions with maxView Storage Manager \u003c V4.14.00.26068 on Windows). In default installations of maxView Storage Manager where Redfish\u00ae server is configured for remote system management, a vulnerability has been identified that can provide unauthorized access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-09T10:00:13.080Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-702935.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2023-51438",
    "datePublished": "2024-01-09T10:00:13.080Z",
    "dateReserved": "2023-12-19T11:46:45.583Z",
    "dateUpdated": "2025-05-22T17:57:26.766Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-702935.pdf\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T22:32:09.431Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-51438\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-22T17:51:00.924153Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-22T17:51:08.536Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 10, \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C\"}}], \"affected\": [{\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC1047E\", \"versions\": [{\"status\": \"affected\", \"version\": \"All versions with maxView Storage Manager \u003c V4.14.00.26068 on Windows\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC647E\", \"versions\": [{\"status\": \"affected\", \"version\": \"All versions with maxView Storage Manager \u003c V4.14.00.26068 on Windows\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC IPC847E\", \"versions\": [{\"status\": \"affected\", \"version\": \"All versions with maxView Storage Manager \u003c V4.14.00.26068 on Windows\"}], \"defaultStatus\": \"unknown\"}], \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-702935.pdf\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage Manager \u003c V4.14.00.26068 on Windows), SIMATIC IPC647E (All versions with maxView Storage Manager \u003c V4.14.00.26068 on Windows), SIMATIC IPC847E (All versions with maxView Storage Manager \u003c V4.14.00.26068 on Windows). In default installations of maxView Storage Manager where Redfish\\u00ae server is configured for remote system management, a vulnerability has been identified that can provide unauthorized access.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20: Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"cec7a2ec-15b4-4faf-bd53-b40f371f3a77\", \"shortName\": \"siemens\", \"dateUpdated\": \"2024-01-09T10:00:13.080Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-51438\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-22T17:57:26.766Z\", \"dateReserved\": \"2023-12-19T11:46:45.583Z\", \"assignerOrgId\": \"cec7a2ec-15b4-4faf-bd53-b40f371f3a77\", \"datePublished\": \"2024-01-09T10:00:13.080Z\", \"assignerShortName\": \"siemens\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2024-AVI-0014

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	Spectrum Power 7 versions antérieures à V23Q4
Siemens	N/A	CP-8050 MASTER MODULE (6MF2805-0AA00) versions antérieures à CPCI85 V05.20
Siemens	N/A	Teamcenter Visualization versions V14.2 antérieures à V14.2.0.9
Siemens	N/A	JT2Go versions antérieures à V14.3.0.6
Siemens	N/A	Teamcenter Visualization versions V14.1 antérieures à V14.1.0.12
Siemens	N/A	SIMATIC IPC647E avec maxView Storage Manager versions antérieures à V4.14.00.26068 sur Windows
Siemens	N/A	SIMATIC IPC847E avec maxView Storage Manager versions antérieures à V4.14.00.26068 sur Windows
Siemens	N/A	SIMATIC CN 4100 versions antérieures à V2.7
Siemens	N/A	SIMATIC IPC1047E avec maxView Storage Manager versions antérieures à V4.14.00.26068 sur Windows
Siemens	N/A	CP-8031 MASTER MODULE (6MF2803-1AA00) versions antérieures à CPCI85 V05.20
Siemens	N/A	Teamcenter Visualization versions V14.3 antérieures à V14.3.0.6
Siemens	N/A	Teamcenter Visualization versions V13.3 antérieures à V13.3.0.13
Siemens	N/A	Solid Edge SE2023 versions antérieures à V223.0 Update 10

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-777015 du 09 janvier 2024	None	vendor-advisory
Bulletin de sécurité Siemens ssa-794653 du 09 janvier 2024	None	vendor-advisory
Bulletin de sécurité Siemens ssa-583634 du 09 janvier 2024	None	vendor-advisory
Bulletin de sécurité Siemens ssa-702935 du 09 janvier 2024	None	vendor-advisory
Bulletin de sécurité Siemens ssa-589891 du 09 janvier 2024	None	vendor-advisory
Bulletin de sécurité Siemens ssa-786191 du 09 janvier 2024	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Spectrum Power 7 versions ant\u00e9rieures \u00e0 V23Q4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "CP-8050 MASTER MODULE (6MF2805-0AA00) versions ant\u00e9rieures \u00e0 CPCI85 V05.20",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Teamcenter Visualization versions V14.2 ant\u00e9rieures \u00e0 V14.2.0.9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "JT2Go versions ant\u00e9rieures \u00e0 V14.3.0.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Teamcenter Visualization versions V14.1 ant\u00e9rieures \u00e0 V14.1.0.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC647E avec maxView Storage Manager versions ant\u00e9rieures \u00e0 V4.14.00.26068 sur Windows",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC847E avec maxView Storage Manager versions ant\u00e9rieures \u00e0 V4.14.00.26068 sur Windows",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC CN 4100 versions ant\u00e9rieures \u00e0 V2.7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC1047E avec maxView Storage Manager versions ant\u00e9rieures \u00e0 V4.14.00.26068 sur Windows",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "CP-8031 MASTER MODULE (6MF2803-1AA00) versions ant\u00e9rieures \u00e0 CPCI85 V05.20",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Teamcenter Visualization versions V14.3 ant\u00e9rieures \u00e0 V14.3.0.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Teamcenter Visualization versions V13.3 ant\u00e9rieures \u00e0 V13.3.0.13",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Solid Edge SE2023 versions ant\u00e9rieures \u00e0 V223.0 Update 10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-49252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49252"
    },
    {
      "name": "CVE-2023-49123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49123"
    },
    {
      "name": "CVE-2023-42797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42797"
    },
    {
      "name": "CVE-2023-49132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49132"
    },
    {
      "name": "CVE-2023-51744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51744"
    },
    {
      "name": "CVE-2023-49251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49251"
    },
    {
      "name": "CVE-2023-51438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51438"
    },
    {
      "name": "CVE-2023-49122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49122"
    },
    {
      "name": "CVE-2023-51746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51746"
    },
    {
      "name": "CVE-2023-51439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51439"
    },
    {
      "name": "CVE-2023-51745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51745"
    },
    {
      "name": "CVE-2023-49124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49124"
    },
    {
      "name": "CVE-2023-49130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49130"
    },
    {
      "name": "CVE-2023-49131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49131"
    },
    {
      "name": "CVE-2023-49129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49129"
    },
    {
      "name": "CVE-2023-44120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44120"
    },
    {
      "name": "CVE-2023-49621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49621"
    },
    {
      "name": "CVE-2023-49126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49126"
    },
    {
      "name": "CVE-2023-49121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49121"
    },
    {
      "name": "CVE-2023-49127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49127"
    },
    {
      "name": "CVE-2023-49128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49128"
    }
  ],
  "initial_release_date": "2024-01-09T00:00:00",
  "last_revision_date": "2024-01-09T00:00:00",
  "links": [],
  "reference": "CERTFR-2024-AVI-0014",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-01-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-777015 du 09 janvier 2024",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-777015.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-794653 du 09 janvier 2024",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-794653.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-583634 du 09 janvier 2024",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-583634.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-702935 du 09 janvier 2024",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-702935.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-589891 du 09 janvier 2024",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-589891.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-786191 du 09 janvier 2024",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-786191.html"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2023-51438 (GCVE-0-2023-51438)

Vulnerability from cvelistv5

CERTFR-2024-AVI-0014

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature