Unknown
CVE-2020-28397
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2020-28397
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7 PLCSIM Advanced (All versions > V2 < V4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (Version V4.4), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions > V2.5 < V2.9.2), SIMATIC S7-1500 Software Controller (All versions > V2.5 < V21.9), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- cpu 1211c firmware 4.4,
- cpu 1212c firmware 4.4,
- cpu 1212fc firmware 4.4,
- cpu 1214c firmware 4.4,
- cpu 1214fc firmware 4.4,
- cpu 1215c firmware 4.4,
- cpu 1215fc firmware 4.4,
- cpu 1217c firmware 4.4,
- cpu 1504d tf firmware,
- cpu 1507d tf firmware,
- cpu 1510sp-1pn firmware,
- cpu 1511-1pn firmware,
- cpu 1511c-1 pn firmware,
- cpu 1511f-1pn firmware,
- cpu 1511t-1pn firmware,
- cpu 1511tf-1pn firmware,
- cpu 1512c-1 pn firmware,
- cpu 1512sp f-1 pn firmware,
- cpu 1512sp-1 pn firmware,
- cpu 1513-1 pn firmware,
- cpu 1513f-1 pn firmware,
- cpu 1513pro f-2 pn firmware,
- cpu 1513r-1 pn firmware,
- cpu 1515-2 firmware,
- cpu 1515f-2 firmware,
- cpu 1515r-2 pn firmware,
- cpu 1515sp pc2 tf firmware,
- cpu 1515t-2 pn firmware,
- cpu 1515tf-2 pn firmware,
- cpu 1516-3 firmware,
- cpu 1516f-3 firmware,
- cpu 1516pro f-2 pn firmware,
- cpu 1516pro-2 pn firmware,
- cpu 1516t-3 pn/dp firmware,
- cpu 1516tf-3 pn/dp firmware,
- cpu 1517-3 pn/dp firmware,
- cpu 1517f-3 pn/dp firmware,
- cpu 1517t-3 pn/dp firmware,
- cpu 1517tf-3 pn/dp firmware,
- cpu 1518-4 pn/dp firmware,
- cpu 1518f-4 pn/dp firmware,
- cpu1510sp f-1 firmware,
- simatic s7 plcsim advanced firmware,
- simatic s7-1500 software controller,
- siplus cpu 1510sp f-1pn firmware,
- siplus cpu 1511-1 pn firmware,
- siplus cpu 1511f-1 pn firmware,
- siplus cpu 1512sp f-1pn firmware,
- siplus cpu 1512sp-1 pn firmware,
- siplus cpu 1513-1 pn firmware,
- siplus cpu 1513f-1 pn firmware,
- siplus cpu 1516-3 pn/dp firmware,
- siplus cpu 1518-4 pn/dp firmware,
- siplus cpu 1518f-4 pn/dp firmware,
- siplus cpu-1516f-3 pn/dp firmware,
- tim 1531 irc firmware 2.1
References
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
