CVE-2020-15782: Buffer Overflow
First published: Fri May 28 2021(Updated: )
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.9.2), SIMATIC S7-1500 Software Controller (All versions < V21.9), SIMATIC S7-PLCSIM Advanced (All versions < V4.0), SINAMICS PERFECT HARMONY GH180 Drives (Drives manufactured before 2021-08-13), SINUMERIK MC (All versions < V6.15), SINUMERIK ONE (All versions < V6.15). Affected devices are vulnerable to a memory protection bypass through a specific operation. A remote unauthenticated attacker with network access to port 102/tcp could potentially write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Simatic Drive Controller CPU 1507D TF Firmware | <2.9.2 | |
| Siemens CPU 1504D TF Firmware | ||
| Siemens CPU 1507D TF Firmware | ||
| Siemens Simatic S7-1200 CPU Firmware | <4.5.0 | |
| Siemens CPU 1211C Firmware | ||
| Siemens CPU 1212C | ||
| Siemens CPU 1212FC | ||
| Siemens SIMATIC S7-1200 CPU 1214C | ||
| Siemens CPU 1214FC Firmware | ||
| Siemens CPU 1215C | ||
| Siemens CPU 1215FC Firmware | ||
| Siemens CPU 1217C | ||
| Siemens SIMATIC S7-1500 CPU Firmware | <2.9.2 | |
| Siemens 6ES7510-1DJ01-0AB0 | ||
| Siemens SIMATIC S7-1500 CPU 6ES7510-1SJ01-0AB0 | ||
| Siemens 6ES7511-1AK01-0AB0 | ||
| Siemens SIMATIC S7-1500 CPU 1511-1 PN 6ES7511-1AK02-0AB0 | ||
| Siemens 6ES7511-1CK00-0AB0 | ||
| Siemens 6ES7511-1CK01-0AB0 | ||
| siemens 6es7511-1fk01-0ab0 | ||
| Siemens 6ES7511-1FK02-0AB0 | ||
| Siemens 6ES7511-1TK01-0AB0 | ||
| Siemens 6ES7511-1UK01-0AB0 | ||
| Siemens 6ES7512-1CK00-0AB0 | ||
| Siemens SIMATIC S7-1500, 6ES7512-1CK01-0AB0 | ||
| Siemens 6ES7512-1DK01-0AB0 | ||
| Siemens 6ES7512-1SK01-0AB0 | ||
| Siemens 6ES7513-1AL01-0AB0 | ||
| Siemens 6ES7513-1AL02-0AB0 | ||
| Siemens 6ES7513-1FL01-0AB0 | ||
| siemens 6es7513-1fl02-0ab0 | ||
| Siemens 6ES7513-1RL00-0AB0 | ||
| Siemens 6ES7513-2GL00-0AB0 | ||
| Siemens 6ES7513-2PL00-0AB0 | ||
| Siemens 6ES7515-2AM01-0AB0 | ||
| Siemens SIMATIC S7-1500 Controller 6ES7515-2AM02-0AB0 | ||
| Siemens 6ES7515-2FM01-0AB0 | ||
| Siemens 6ES7515-2FM02-0AB0 | ||
| Siemens 6ES7515-2RM00-0AB0 | ||
| Siemens 6ES7515-2TM01-0AB0 | ||
| Siemens 6ES7515-2UM01-0AB0 | ||
| Siemens SIMATIC S7-1500, CPU 1516-2 PN | ||
| Siemens 6ES7516-2PN00-0AB0 | ||
| Siemens 6ES7516-3AN01-0AB0 | ||
| Siemens 6ES7516-3AN02-0AB0 | ||
| Siemens 6ES7516-3FN01-0AB0 | ||
| Siemens 6ES7516-3FN02-0AB0 | ||
| Siemens 6ES7516-3TN00-0AB0 | ||
| Siemens 6ES7516-3UN00-0AB0 | ||
| Siemens 6ES7517-3AP00-0AB0 | ||
| Siemens 6ES7517-3FP00-0AB0 | ||
| Siemens 6ES7517-3HP00-0AB0 | ||
| Siemens 6ES7517-3TP00-0AB0 | ||
| Siemens 6ES7517-3UP00-0AB0 | ||
| Siemens 6ES7518-4AP00-0AB0 | ||
| Siemens 6ES7518-4AP00-3AB0 | ||
| Siemens 6ES7518-4FP00-0AB0 | ||
| Siemens 6ES7518-4FP00-3AB0 | ||
| Siemens SIMATIC S7-1500 Software Controller | ||
| siemens SIMATIC S7-PLCSIM Advanced | <4.0 | |
| Siemens SIMATIC ET 200SP Open Controller firmware | ||
| Siemens CPU 1515SP PC2 TF | ||
| Siemens CPU 1515SP PC2 TF |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-15782?
CVE-2020-15782 is rated as a high severity vulnerability due to the potential for remote exploitation.
How do I fix CVE-2020-15782?
To fix CVE-2020-15782, update affected Siemens SIMATIC Drive Controllers and related devices to the latest firmware version 2.9.2 or higher.
Which devices are impacted by CVE-2020-15782?
CVE-2020-15782 affects various versions of Siemens SIMATIC Drive Controllers, including All versions less than 2.9.2.
Is CVE-2020-15782 a remote vulnerability?
Yes, CVE-2020-15782 can be exploited remotely, allowing unauthorized users to potentially manipulate the affected devices.
What are the potential consequences of CVE-2020-15782?
Exploitation of CVE-2020-15782 could lead to unauthorized access, data manipulation, and disruption of control system operations.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/remedy
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/references
- agent/author
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/siemens
- canonical/siemens simatic drive controller cpu 1507d tf firmware
- canonical/siemens cpu 1504d tf firmware
- canonical/siemens cpu 1507d tf firmware
- canonical/siemens simatic s7-1200 cpu firmware
- canonical/siemens cpu 1211c firmware
- canonical/siemens cpu 1212c
- canonical/siemens cpu 1212fc
- canonical/siemens simatic s7-1200 cpu 1214c
- canonical/siemens cpu 1214fc firmware
- canonical/siemens cpu 1215c
- canonical/siemens cpu 1215fc firmware
- canonical/siemens cpu 1217c
- canonical/siemens simatic s7-1500 cpu firmware
- canonical/siemens 6es7510-1dj01-0ab0
- canonical/siemens simatic s7-1500 cpu 6es7510-1sj01-0ab0
- canonical/siemens 6es7511-1ak01-0ab0
- canonical/siemens simatic s7-1500 cpu 1511-1 pn 6es7511-1ak02-0ab0
- canonical/siemens 6es7511-1ck00-0ab0
- canonical/siemens 6es7511-1ck01-0ab0
- canonical/siemens 6es7511-1fk01-0ab0
- canonical/siemens 6es7511-1fk02-0ab0
- canonical/siemens 6es7511-1tk01-0ab0
- canonical/siemens 6es7511-1uk01-0ab0
- canonical/siemens 6es7512-1ck00-0ab0
- canonical/siemens simatic s7-1500, 6es7512-1ck01-0ab0
- canonical/siemens 6es7512-1dk01-0ab0
- canonical/siemens 6es7512-1sk01-0ab0
- canonical/siemens 6es7513-1al01-0ab0
- canonical/siemens 6es7513-1al02-0ab0
- canonical/siemens 6es7513-1fl01-0ab0
- canonical/siemens 6es7513-1fl02-0ab0
- canonical/siemens 6es7513-1rl00-0ab0
- canonical/siemens 6es7513-2gl00-0ab0
- canonical/siemens 6es7513-2pl00-0ab0
- canonical/siemens 6es7515-2am01-0ab0
- canonical/siemens simatic s7-1500 controller 6es7515-2am02-0ab0
- canonical/siemens 6es7515-2fm01-0ab0
- canonical/siemens 6es7515-2fm02-0ab0
- canonical/siemens 6es7515-2rm00-0ab0
- canonical/siemens 6es7515-2tm01-0ab0
- canonical/siemens 6es7515-2um01-0ab0
- canonical/siemens simatic s7-1500, cpu 1516-2 pn
- canonical/siemens 6es7516-2pn00-0ab0
- canonical/siemens 6es7516-3an01-0ab0
- canonical/siemens 6es7516-3an02-0ab0
- canonical/siemens 6es7516-3fn01-0ab0
- canonical/siemens 6es7516-3fn02-0ab0
- canonical/siemens 6es7516-3tn00-0ab0
- canonical/siemens 6es7516-3un00-0ab0
- canonical/siemens 6es7517-3ap00-0ab0
- canonical/siemens 6es7517-3fp00-0ab0
- canonical/siemens 6es7517-3hp00-0ab0
- canonical/siemens 6es7517-3tp00-0ab0
- canonical/siemens 6es7517-3up00-0ab0
- canonical/siemens 6es7518-4ap00-0ab0
- canonical/siemens 6es7518-4ap00-3ab0
- canonical/siemens 6es7518-4fp00-0ab0
- canonical/siemens 6es7518-4fp00-3ab0
- canonical/siemens simatic s7-1500 software controller
- canonical/siemens simatic s7-plcsim advanced
- canonical/siemens simatic et 200sp open controller firmware
- canonical/siemens cpu 1515sp pc2 tf