All the vulnerabilites related to Siemens - SIMATIC PCS 7
var-201306-0315
Vulnerability from variot
The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, has a hardcoded account, which makes it easier for remote attackers to obtain access via an unspecified request. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. An attacker can exploit the vulnerability to gain access. The vulnerability is due to the fact that the program has hard-coded accounts
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201306-0315", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.1" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "wincc", "version": "7.0" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "8.0 sp1" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.2 update 1" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.x" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "78.x" }, { "model": "wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.2" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "wincc", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "wincc", "version": "*" } ], "sources": [ { "db": "IVD", "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07606" }, { "db": "JVNDB", "id": "JVNDB-2013-002983" }, { "db": "CNNVD", "id": "CNNVD-201306-248" }, { "db": "NVD", "id": "CVE-2013-3958" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-002983" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Alexander Tlyapov from Positive Technologies", "sources": [ { "db": "BID", "id": "60561" } ], "trust": 0.3 }, "cve": "CVE-2013-3958", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2013-3958", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2013-07606", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-63960", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2013-3958", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2013-3958", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2013-07606", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201306-248", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-63960", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07606" }, { "db": "VULHUB", "id": "VHN-63960" }, { "db": "JVNDB", "id": "JVNDB-2013-002983" }, { "db": "CNNVD", "id": "CNNVD-201306-248" }, { "db": "NVD", "id": "CVE-2013-3958" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, has a hardcoded account, which makes it easier for remote attackers to obtain access via an unspecified request. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. An attacker can exploit the vulnerability to gain access. The vulnerability is due to the fact that the program has hard-coded accounts", "sources": [ { "db": "NVD", "id": "CVE-2013-3958" }, { "db": "JVNDB", "id": "JVNDB-2013-002983" }, { "db": "CNVD", "id": "CNVD-2013-07606" }, { "db": "BID", "id": "60561" }, { "db": "IVD", "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-63960" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2013-3958", "trust": 3.6 }, { "db": "SIEMENS", "id": "SSA-345843", "trust": 1.7 }, { "db": "SECUNIA", "id": "53805", "trust": 1.2 }, { "db": "BID", "id": "60561", "trust": 1.0 }, { "db": "CNNVD", "id": "CNNVD-201306-248", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2013-07606", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-13-169-02", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2013-002983", "trust": 0.8 }, { "db": "IVD", "id": "E69A1CA0-2352-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-63960", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07606" }, { "db": "VULHUB", "id": "VHN-63960" }, { "db": "BID", "id": "60561" }, { "db": "JVNDB", "id": "JVNDB-2013-002983" }, { "db": "CNNVD", "id": "CNNVD-201306-248" }, { "db": "NVD", "id": "CVE-2013-3958" } ] }, "id": "VAR-201306-0315", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07606" }, { "db": "VULHUB", "id": "VHN-63960" } ], "trust": 1.5048571666666666 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07606" } ] }, "last_update_date": "2024-11-23T21:45:40.059000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-345843: Vulnerabilites in WinCC 7.2", "trust": 0.8, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345843.pdf" }, { "title": "\\302\\240Siemens SIMATIC WinCC/PCS 7 Hardcoded Credential Security Bypass Vulnerability Patch", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/34666" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-07606" }, { "db": "JVNDB", "id": "JVNDB-2013-002983" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-255", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-63960" }, { "db": "JVNDB", "id": "JVNDB-2013-002983" }, { "db": "NVD", "id": "CVE-2013-3958" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345843.pdf" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3958" }, { "trust": 0.8, "url": "https://ics-cert.us-cert.gov/advisories/icsa-13-169-02" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3958" }, { "trust": 0.6, "url": "http://secunia.com/advisories/53805/" }, { "trust": 0.6, "url": "http://secunia.com/advisories/53805" }, { "trust": 0.3, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.3, "url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-07606" }, { "db": "VULHUB", "id": "VHN-63960" }, { "db": "BID", "id": "60561" }, { "db": "JVNDB", "id": "JVNDB-2013-002983" }, { "db": "CNNVD", "id": "CNNVD-201306-248" }, { "db": "NVD", "id": "CVE-2013-3958" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07606" }, { "db": "VULHUB", "id": "VHN-63960" }, { "db": "BID", "id": "60561" }, { "db": "JVNDB", "id": "JVNDB-2013-002983" }, { "db": "CNNVD", "id": "CNNVD-201306-248" }, { "db": "NVD", "id": "CVE-2013-3958" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-06-19T00:00:00", "db": "IVD", "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d" }, { "date": "2013-06-19T00:00:00", "db": "CNVD", "id": "CNVD-2013-07606" }, { "date": "2013-06-14T00:00:00", "db": "VULHUB", "id": "VHN-63960" }, { "date": "2013-06-14T00:00:00", "db": "BID", "id": "60561" }, { "date": "2013-06-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-002983" }, { "date": "2013-06-18T00:00:00", "db": "CNNVD", "id": "CNNVD-201306-248" }, { "date": "2013-06-14T19:55:01.250000", "db": "NVD", "id": "CVE-2013-3958" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-06-19T00:00:00", "db": "CNVD", "id": "CNVD-2013-07606" }, { "date": "2013-06-17T00:00:00", "db": "VULHUB", "id": "VHN-63960" }, { "date": "2013-06-19T07:17:00", "db": "BID", "id": "60561" }, { "date": "2013-06-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-002983" }, { "date": "2013-06-21T00:00:00", "db": "CNNVD", "id": "CNNVD-201306-248" }, { "date": "2024-11-21T01:54:37.307000", "db": "NVD", "id": "CVE-2013-3958" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201306-248" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC WinCC/PCS 7 Hardcoded Credential Security Bypass Vulnerability", "sources": [ { "db": "IVD", "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07606" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Trust management", "sources": [ { "db": "IVD", "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d" }, { "db": "CNNVD", "id": "CNNVD-201306-248" } ], "trust": 0.8 } }
var-201303-0259
Vulnerability from variot
The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to obtain sensitive information or cause a denial of service via a crafted project file. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0259", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "6.0" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.1" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "5.0" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.4, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "wincc", "version": "6.0" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "wincc", "version": "7.0" }, { "model": "simatic pcs 7", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "8.0 sp1" }, { "model": "simatic pcs sp1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c8.0" }, { "model": "simatic pcs7", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "wincc", "version": "5.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "wincc", "version": "*" } ], "sources": [ { "db": "IVD", "id": "09175612-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "JVNDB", "id": "JVNDB-2013-001989" }, { "db": "CNNVD", "id": "CNNVD-201303-445" }, { "db": "NVD", "id": "CVE-2013-0677" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-001989" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies", "sources": [ { "db": "BID", "id": "58545" }, { "db": "CNNVD", "id": "CNNVD-201303-363" } ], "trust": 0.9 }, "cve": "CVE-2013-0677", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2013-0677", "impactScore": 4.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.9, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2013-02175", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "09175612-2353-11e6-abef-000c29c66e3d", "impactScore": 4.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-60679", "impactScore": 4.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2013-0677", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2013-0677", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2013-02175", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201303-445", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "09175612-2353-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-60679", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2013-0677", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "09175612-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60679" }, { "db": "VULMON", "id": "CVE-2013-0677" }, { "db": "JVNDB", "id": "JVNDB-2013-001989" }, { "db": "CNNVD", "id": "CNNVD-201303-445" }, { "db": "NVD", "id": "CVE-2013-0677" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to obtain sensitive information or cause a denial of service via a crafted project file. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Code. Multiple information-disclosure vulnerabilities\n2. A directory-traversal vulnerability\n3. Failed exploit attempts will result in a denial-of-service conditions", "sources": [ { "db": "NVD", "id": "CVE-2013-0677" }, { "db": "JVNDB", "id": "JVNDB-2013-001989" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "BID", "id": "58545" }, { "db": "IVD", "id": "09175612-2353-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-60679" }, { "db": "VULMON", "id": "CVE-2013-0677" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2013-0677", "trust": 3.2 }, { "db": "ICS CERT", "id": "ICSA-13-079-02", "trust": 2.9 }, { "db": "SIEMENS", "id": "SSA-714398", "trust": 2.1 }, { "db": "BID", "id": "58545", "trust": 1.5 }, { "db": "CNNVD", "id": "CNNVD-201303-445", "trust": 0.9 }, { "db": "JVNDB", "id": "JVNDB-2013-001989", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2013-02175", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201303-363", "trust": 0.6 }, { "db": "IVD", "id": "09175612-2353-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-60679", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2013-0677", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "120899", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "09175612-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60679" }, { "db": "VULMON", "id": "CVE-2013-0677" }, { "db": "BID", "id": "58545" }, { "db": "JVNDB", "id": "JVNDB-2013-001989" }, { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-445" }, { "db": "NVD", "id": "CVE-2013-0677" } ] }, "id": "VAR-201303-0259", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "09175612-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60679" } ], "trust": 1.5048571666666666 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "09175612-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" } ] }, "last_update_date": "2024-11-23T21:45:48.751000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "http://www.siemens.com/entry/cc/en/" }, { "title": "SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1", "trust": 0.8, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc", "trust": 0.8, "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e", "trust": 0.8, "url": "http://www.siemens.com/answers/jp/ja/" }, { "title": "Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/33002" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "JVNDB", "id": "JVNDB-2013-001989" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-200", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-60679" }, { "db": "JVNDB", "id": "JVNDB-2013-001989" }, { "db": "NVD", "id": "CVE-2013-0677" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.1, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf" }, { "trust": 2.1, "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf" }, { "trust": 1.2, "url": "http://www.securityfocus.com/bid/58545" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0677" }, { "trust": 0.8, "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0677" }, { "trust": 0.3, "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/200.html" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=28666" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://ics-cert.us-cert.gov/advisories/icsa-13-079-02" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0677" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0674" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0678" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0676" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0679" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0675" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60679" }, { "db": "VULMON", "id": "CVE-2013-0677" }, { "db": "BID", "id": "58545" }, { "db": "JVNDB", "id": "JVNDB-2013-001989" }, { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-445" }, { "db": "NVD", "id": "CVE-2013-0677" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "09175612-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60679" }, { "db": "VULMON", "id": "CVE-2013-0677" }, { "db": "BID", "id": "58545" }, { "db": "JVNDB", "id": "JVNDB-2013-001989" }, { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-445" }, { "db": "NVD", "id": "CVE-2013-0677" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-03-22T00:00:00", "db": "IVD", "id": "09175612-2353-11e6-abef-000c29c66e3d" }, { "date": "2013-03-26T00:00:00", "db": "CNVD", "id": "CNVD-2013-02175" }, { "date": "2013-03-21T00:00:00", "db": "VULHUB", "id": "VHN-60679" }, { "date": "2013-03-21T00:00:00", "db": "VULMON", "id": "CVE-2013-0677" }, { "date": "2013-03-15T00:00:00", "db": "BID", "id": "58545" }, { "date": "2013-03-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-001989" }, { "date": "2013-03-21T15:07:17", "db": "PACKETSTORM", "id": "120899" }, { "date": "2013-03-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-363" }, { "date": "2013-03-22T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-445" }, { "date": "2013-03-21T15:55:01.583000", "db": "NVD", "id": "CVE-2013-0677" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-03-26T00:00:00", "db": "CNVD", "id": "CNVD-2013-02175" }, { "date": "2013-03-22T00:00:00", "db": "VULHUB", "id": "VHN-60679" }, { "date": "2013-03-22T00:00:00", "db": "VULMON", "id": "CVE-2013-0677" }, { "date": "2013-04-02T15:37:00", "db": "BID", "id": "58545" }, { "date": "2013-03-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-001989" }, { "date": "2013-03-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-363" }, { "date": "2013-03-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-445" }, { "date": "2024-11-21T01:47:59.553000", "db": "NVD", "id": "CVE-2013-0677" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-445" } ], "trust": 1.3 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC WinCC And PCS 7 Multiple Security Vulnerabilities", "sources": [ { "db": "BID", "id": "58545" }, { "db": "CNNVD", "id": "CNNVD-201303-363" } ], "trust": 0.9 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "information disclosure", "sources": [ { "db": "CNNVD", "id": "CNNVD-201303-445" } ], "trust": 0.6 } }
var-201611-0180
Vulnerability from variot
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path ("C:\Program Files*" or the localized equivalent). plural Siemens The product has an installation %PROGRAMFILES% If not using a directory, it is not enclosed in quotes Windows There are vulnerabilities whose privileges are obtained by the search path. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) ,and CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. https://cwe.mitre.org/data/definitions/254.html https://cwe.mitre.org/data/definitions/284.htmlA local user may be able to gain privileges through the Trojan executable. Founded in 1847, Siemens AG of Germany focuses on the fields of electrification, automation and digitization. Siemens is a leader in offshore wind turbine construction, gas turbine and steam turbine power generation, transmission solutions, infrastructure solutions, industrial automation, drive and software solutions, and medical imaging equipment and laboratory diagnostics. There are privilege escalation vulnerabilities in many Siemens products. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201611-0180", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simit", "scope": "eq", "trust": 3.3, "vendor": "siemens", "version": "9.0" }, { "model": "softnet security client", "scope": "eq", "trust": 1.7, "vendor": "siemens", "version": "5.0" }, { "model": "simatic wincc runtime", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "sinema remote connect", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic step 7 \\", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc \\", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic step 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "5.5" }, { "model": "sinema server", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "13.0" }, { "model": "simatic winac rtx 2010", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "telecontrol basic", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "softnet security client", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "5.0" }, { "model": "simatic winac rtx f 2010", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "primary setup tool", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.1" }, { "model": "simatic it production suite", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic net pc software", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.0" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "security configuration tool", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic pcs", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "78.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "78.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "78.2" }, { "model": "security configuration tool", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic winac rtx f 2010", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "sp2" }, { "model": "simatic it production suite", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.0 sp3" }, { "model": "simatic winac rtx 2010", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "sp2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "professional" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "8.2 until" }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.2 to 7.4" }, { "model": "sinema remote connect client", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.0 sp3 upd 8" }, { "model": "simatic step 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "5.x" }, { "model": "primary setup tool", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic wincc tia portal", "version": "*" }, { "model": "simatic step", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "75.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.3x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.4x" }, { "model": "sinema server", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.2x" }, { "model": "simatic wincc sp2 sp2 upd", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.0\u003c7.012" }, { "model": "simatic wincc sp3 sp3 upd", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.0\u003c7.08" }, { "model": "simatic net pc-software", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime professional all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic step", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c14" }, { "model": "simatic wincc basic", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc comfort", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc advanced", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc professional all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinema remote connect client all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic winac rtx sp2 all", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "2010" }, { "model": "simatic winac rtx f sp2 all", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "2010" }, { "model": "simatic it production suite all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "telecontrol server basic sp2", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.0" }, { "model": "softnet security client all", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v5.0" }, { "model": "security configuration tool all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "primary setup tool all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc \\", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "14.0" }, { "model": "telecontrol basic", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "3.0" }, { "model": "sinema server", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "13.0" }, { "model": "telecontrol server basic", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.0" }, { "model": "sinema server sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v12" }, { "model": "sinema server", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v12" }, { "model": "sinema server sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12.0" }, { "model": "sinema server", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12.0-" }, { "model": "sinema remote connect client", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc comfort", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc basic", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.41" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.32" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.310" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.31" }, { "model": "simatic wincc upd4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.29" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.28" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.21" }, { "model": "simatic wincc upd4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc upd11", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc sp3", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic winac rtx f sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2010" }, { "model": "simatic winac rtx sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2010" }, { "model": "simatic step tia portal sp1 upd1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7v13" }, { "model": "simatic step tia portal sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7v13" }, { "model": "simatic step tia portal", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7v13" }, { "model": "simatic step tia portal", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7v12" }, { "model": "simatic step sp4 hf4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp3 hf10", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp3", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp2 hf7", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp1 hf2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic pcs sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77" }, { "model": "simatic net pc-software sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc-software hf1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc-software", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc-software sp2 hf3", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic net pc-software", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic it production suite", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "security configuration tool", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "primary setup tool", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "telecontrol server basic sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "3.0" }, { "model": "sinema server sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc comfort", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc basic", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc advanced", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc sp3 upd", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.08" }, { "model": "simatic wincc sp2 upd", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.012" }, { "model": "simatic step tia portal", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7v14" }, { "model": "simatic net pc-software", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "primary setup tool", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "security configuration tool", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic it production suite", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic net pc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic step 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic step 7 tia portal", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic winac rtx 2010", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic winac rtx f 2010", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.3" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simit", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinema remote connect", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinema server", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "softnet security client", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "telecontrol basic", "version": "*" } ], "sources": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "BID", "id": "94158" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "CNNVD", "id": "CNNVD-201611-301" }, { "db": "NVD", "id": "CVE-2016-7165" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:primary_setup_tool", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:security_configuration_tool", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_it_production_suite", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_step_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_step_7_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_winac_rtx_2010", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_winac_rtx_f_2010", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simit", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:sinema_remote_connect", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:sinema_server", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:softnet_security_client", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:telecontrol_basic", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-005899" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "WATERSURE and KIANDRA IT", "sources": [ { "db": "BID", "id": "94158" } ], "trust": 0.3 }, "cve": "CVE-2016-7165", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "CVE-2016-7165", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "MULTIPLE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 5.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 1.2, "id": "CNVD-2016-10732", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:L/AC:H/Au:M/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "MULTIPLE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 5.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 1.2, "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:L/AC:H/Au:M/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "VHN-95985", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "HIGH", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 0.5, "id": "CVE-2016-7165", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2016-7165", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2016-7165", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2016-10732", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201611-301", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-95985", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "VULHUB", "id": "VHN-95985" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "CNNVD", "id": "CNNVD-201611-301" }, { "db": "NVD", "id": "CVE-2016-7165" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in Primary Setup Tool (PST) (All versions \u003c V4.2 HF1), SIMATIC IT Production Suite (All versions \u003c V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions \u003c V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2), SIMATIC STEP 7 V5.X (All versions \u003c V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions \u003c V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions \u003c V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions \u003c V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions \u003c V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions \u003c V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions \u003c V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1), SIMIT V9.0 (All versions \u003c V9.0 SP1), SINEMA Remote Connect Client (All versions \u003c V1.0 SP3), SINEMA Server (All versions \u003c V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions \u003c V4.3 HF1), TeleControl Server Basic (All versions \u003c V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path (\"C:\\Program Files\\*\" or the localized equivalent). plural Siemens The product has an installation %PROGRAMFILES% If not using a directory, it is not enclosed in quotes Windows There are vulnerabilities whose privileges are obtained by the search path. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) ,and CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. https://cwe.mitre.org/data/definitions/254.html https://cwe.mitre.org/data/definitions/284.htmlA local user may be able to gain privileges through the Trojan executable. Founded in 1847, Siemens AG of Germany focuses on the fields of electrification, automation and digitization. Siemens is a leader in offshore wind turbine construction, gas turbine and steam turbine power generation, transmission solutions, infrastructure solutions, industrial automation, drive and software solutions, and medical imaging equipment and laboratory diagnostics. There are privilege escalation vulnerabilities in many Siemens products. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC", "sources": [ { "db": "NVD", "id": "CVE-2016-7165" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "BID", "id": "94158" }, { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "VULHUB", "id": "VHN-95985" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2016-7165", "trust": 3.6 }, { "db": "ICS CERT", "id": "ICSA-16-313-02", "trust": 2.8 }, { "db": "SIEMENS", "id": "SSA-701708", "trust": 1.7 }, { "db": "BID", "id": "94158", "trust": 1.4 }, { "db": "CNNVD", "id": "CNNVD-201611-301", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2016-10732", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2016-005899", "trust": 0.8 }, { "db": "IVD", "id": "B4D8EF0B-EEF6-4E09-9B80-86C9B1224D88", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-95985", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "VULHUB", "id": "VHN-95985" }, { "db": "BID", "id": "94158" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "CNNVD", "id": "CNNVD-201611-301" }, { "db": "NVD", "id": "CVE-2016-7165" } ] }, "id": "VAR-201611-0180", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "VULHUB", "id": "VHN-95985" } ], "trust": 1.6015931965384618 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNVD", "id": "CNVD-2016-10732" } ] }, "last_update_date": "2024-11-23T23:05:34.362000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-701708", "trust": 0.8, "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-701708.pdf" }, { "title": "Patch for a number of Siemens products with privilege escalation vulnerability (CNVD-2016-10732)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/83616" }, { "title": "Multiple Siemens Product non-reference Windows Search path vulnerability fixes", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65670" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "CNNVD", "id": "CNNVD-201611-301" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-254", "trust": 1.1 }, { "problemtype": "CWE-284", "trust": 1.1 }, { "problemtype": "CWE-Other", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-95985" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "NVD", "id": "CVE-2016-7165" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.2, "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-313-02" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/94158" }, { "trust": 1.1, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf" }, { "trust": 1.1, "url": "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7165" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7165" }, { "trust": 0.6, "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-701708.pdf" }, { "trust": 0.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-16-313-02" }, { "trust": 0.3, "url": "http://subscriber.communications.siemens.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "VULHUB", "id": "VHN-95985" }, { "db": "BID", "id": "94158" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "CNNVD", "id": "CNNVD-201611-301" }, { "db": "NVD", "id": "CVE-2016-7165" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "VULHUB", "id": "VHN-95985" }, { "db": "BID", "id": "94158" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "CNNVD", "id": "CNNVD-201611-301" }, { "db": "NVD", "id": "CVE-2016-7165" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-11-08T00:00:00", "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "date": "2016-11-08T00:00:00", "db": "CNVD", "id": "CNVD-2016-10732" }, { "date": "2016-11-15T00:00:00", "db": "VULHUB", "id": "VHN-95985" }, { "date": "2016-11-08T00:00:00", "db": "BID", "id": "94158" }, { "date": "2016-11-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "date": "2016-11-16T00:00:00", "db": "CNNVD", "id": "CNNVD-201611-301" }, { "date": "2016-11-15T19:30:02.797000", "db": "NVD", "id": "CVE-2016-7165" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-11-08T00:00:00", "db": "CNVD", "id": "CNVD-2016-10732" }, { "date": "2018-06-15T00:00:00", "db": "VULHUB", "id": "VHN-95985" }, { "date": "2016-11-24T01:08:00", "db": "BID", "id": "94158" }, { "date": "2016-12-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "date": "2019-10-11T00:00:00", "db": "CNNVD", "id": "CNNVD-201611-301" }, { "date": "2024-11-21T02:57:37.740000", "db": "NVD", "id": "CVE-2016-7165" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "BID", "id": "94158" }, { "db": "CNNVD", "id": "CNNVD-201611-301" } ], "trust": 0.9 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Siemens Vulnerability gained in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-005899" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNNVD", "id": "CNNVD-201611-301" } ], "trust": 0.8 } }
var-202205-0677
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC06), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1 UC01), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Upd4), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 21), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 8). A missing printer configuration on the host could allow an authenticated attacker to escape the WinCC Kiosk Mode. Siemens' SIMATIC PCS 7 , SIMATIC WinCC , SIMATIC WinCC Runtime Professional contains an insecure initialization of resources to default values.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and supervisory control (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operator control and monitoring of machines and plants. Siemens SIMATIC WinCC
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202205-0677", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.5" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "17" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic wincc runtime professional", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v7.4" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c=v9.0" }, { "model": "simatic wincc runtime professional", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v16" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v17" }, { "model": "simatic wincc sp2 update", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v7.58" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-36387" }, { "db": "JVNDB", "id": "JVNDB-2022-010187" }, { "db": "NVD", "id": "CVE-2022-24287" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens reported this vulnerability to CISA.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202205-2738" } ], "trust": 0.6 }, "cve": "CVE-2022-24287", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "CVE-2022-24287", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.9, "id": "CNVD-2022-36387", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "VHN-413914", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2022-24287", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2022-24287", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2022-24287", "trust": 1.0, "value": "HIGH" }, { "author": "productcert@siemens.com", "id": "CVE-2022-24287", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2022-24287", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2022-36387", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202205-2738", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-413914", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-36387" }, { "db": "VULHUB", "id": "VHN-413914" }, { "db": "JVNDB", "id": "JVNDB-2022-010187" }, { "db": "CNNVD", "id": "CNNVD-202205-2738" }, { "db": "NVD", "id": "CVE-2022-24287" }, { "db": "NVD", "id": "CVE-2022-24287" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3 UC06), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP1 UC01), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions \u003c V17 Upd4), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 21), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 8). A missing printer configuration on the host could allow an authenticated attacker to escape the WinCC Kiosk Mode. Siemens\u0027 SIMATIC PCS 7 , SIMATIC WinCC , SIMATIC WinCC Runtime Professional contains an insecure initialization of resources to default values.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and supervisory control (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operator control and monitoring of machines and plants. Siemens SIMATIC WinCC", "sources": [ { "db": "NVD", "id": "CVE-2022-24287" }, { "db": "JVNDB", "id": "JVNDB-2022-010187" }, { "db": "CNVD", "id": "CNVD-2022-36387" }, { "db": "VULHUB", "id": "VHN-413914" }, { "db": "VULMON", "id": "CVE-2022-24287" } ], "trust": 2.34 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-24287", "trust": 4.0 }, { "db": "SIEMENS", "id": "SSA-363107", "trust": 3.1 }, { "db": "ICS CERT", "id": "ICSA-22-132-06", "trust": 1.5 }, { "db": "JVN", "id": "JVNVU92977068", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-010187", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2022-36387", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2022.2356", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022051718", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202205-2738", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-413914", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2022-24287", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-36387" }, { "db": "VULHUB", "id": "VHN-413914" }, { "db": "VULMON", "id": "CVE-2022-24287" }, { "db": "JVNDB", "id": "JVNDB-2022-010187" }, { "db": "CNNVD", "id": "CNNVD-202205-2738" }, { "db": "NVD", "id": "CVE-2022-24287" } ] }, "id": "VAR-202205-0677", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2022-36387" }, { "db": "VULHUB", "id": "VHN-413914" } ], "trust": 1.390281485 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-36387" } ] }, "last_update_date": "2024-11-23T21:50:30.100000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Siemens SIMATIC WinCC Kiosk Mode Improper Initialization Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/332571" }, { "title": "Siemens SIMATIC WinCC Security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=245484" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-36387" }, { "db": "CNNVD", "id": "CNNVD-202205-2738" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-1188", "trust": 1.0 }, { "problemtype": "Initializing Resources to Unsafe Default Values (CWE-1188) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-010187" }, { "db": "NVD", "id": "CVE-2022-24287" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-363107.pdf" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu92977068/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-24287" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-132-06" }, { "trust": 0.6, "url": "https://cert-portal.siemens.com/productcert/html/ssa-363107.html" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-wincc-user-access-via-kiosk-mode-38295" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-132-06" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022051718" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-24287/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.2356" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-06" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-36387" }, { "db": "VULHUB", "id": "VHN-413914" }, { "db": "VULMON", "id": "CVE-2022-24287" }, { "db": "JVNDB", "id": "JVNDB-2022-010187" }, { "db": "CNNVD", "id": "CNNVD-202205-2738" }, { "db": "NVD", "id": "CVE-2022-24287" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2022-36387" }, { "db": "VULHUB", "id": "VHN-413914" }, { "db": "VULMON", "id": "CVE-2022-24287" }, { "db": "JVNDB", "id": "JVNDB-2022-010187" }, { "db": "CNNVD", "id": "CNNVD-202205-2738" }, { "db": "NVD", "id": "CVE-2022-24287" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-05-12T00:00:00", "db": "CNVD", "id": "CNVD-2022-36387" }, { "date": "2022-05-20T00:00:00", "db": "VULHUB", "id": "VHN-413914" }, { "date": "2023-08-10T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-010187" }, { "date": "2022-05-10T00:00:00", "db": "CNNVD", "id": "CNNVD-202205-2738" }, { "date": "2022-05-20T13:15:14.680000", "db": "NVD", "id": "CVE-2022-24287" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-05-11T00:00:00", "db": "CNVD", "id": "CNVD-2022-36387" }, { "date": "2022-06-14T00:00:00", "db": "VULHUB", "id": "VHN-413914" }, { "date": "2023-08-10T08:26:00", "db": "JVNDB", "id": "JVNDB-2022-010187" }, { "date": "2023-07-12T00:00:00", "db": "CNNVD", "id": "CNNVD-202205-2738" }, { "date": "2024-11-21T06:50:05.667000", "db": "NVD", "id": "CVE-2022-24287" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202205-2738" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Insecure initialization of resources to default values \u200b\u200bin multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-010187" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202205-2738" } ], "trust": 0.6 } }
var-201007-0198
Vulnerability from variot
Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. The Siemens SIMATIC WinCC data uses the built-in user name and password and does not inform the user that it needs to be modified. An attacker can use this information to read database data or inject code into a database. Siemens SIMATIC WinCC is affected by a vulnerability that allows attackers to bypass security. Successfully exploiting this issue may lead to further attacks. ----------------------------------------------------------------------
"From 2007 to 2009 vulnerabilities in a typical end-user PC almost doubled from about 220 to 420."
Non-Microsoft software to blame for increase in vulnerabilities affecting typical Windows end-users, read more:
http://secunia.com/gfx/pdf/Secunia_Half_Year_Report_2010.pdf
TITLE: Siemens SIMATIC WinCC Undocumented Database User Account
SECUNIA ADVISORY ID: SA40682
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40682/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40682
RELEASE DATE: 2010-07-24
DISCUSS ADVISORY: http://secunia.com/advisories/40682/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40682/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40682
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A security issue has been reported in Siemens SIMATIC WinCC, which can be exploited by malicious people to gain unauthorised access.
SOLUTION: Restrict network access to the database to trusted users only.
PROVIDED AND/OR DISCOVERED BY: Discovered in the wild.
ORIGINAL ADVISORY: http://www.wilderssecurity.com/showpost.php?p=1712134&postcount=22 http://www.f-secure.com/weblog/archives/00001987.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201007-0198", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc", "scope": "eq", "trust": 2.5, "vendor": "siemens", "version": "6.2" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "6.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "6.1" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": null, "scope": "eq", "trust": 1.2, "vendor": "simatic pcs 7", "version": "7.0" }, { "model": null, "scope": "eq", "trust": 1.2, "vendor": "simatic pcs 7", "version": "7.1" }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic wincc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic wincc", "version": "6.2" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic wincc", "version": "7.0" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic pcs 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic pcs 7", "version": "6.0" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic pcs 7", "version": "6.1" }, { "model": "simatic wincc", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic pcs 7", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" } ], "sources": [ { "db": "IVD", "id": "06a89dde-2356-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1" }, { "db": "IVD", "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2010-1369" }, { "db": "BID", "id": "41753" }, { "db": "JVNDB", "id": "JVNDB-2010-001829" }, { "db": "CNNVD", "id": "CNNVD-201007-241" }, { "db": "NVD", "id": "CVE-2010-2772" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens", "sources": [ { "db": "BID", "id": "41753" } ], "trust": 0.3 }, "cve": "CVE-2010-2772", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "CVE-2010-2772", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "06a89dde-2356-11e6-abef-000c29c66e3d", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "VHN-45377", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2010-2772", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2010-2772", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2010-2772", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2010-2772", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-201007-241", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "06a89dde-2356-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "IVD", "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1", "trust": 0.2, "value": "MEDIUM" }, { "author": "IVD", "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-45377", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2010-2772", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "06a89dde-2356-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1" }, { "db": "IVD", "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-45377" }, { "db": "VULMON", "id": "CVE-2010-2772" }, { "db": "JVNDB", "id": "JVNDB-2010-001829" }, { "db": "CNNVD", "id": "CNNVD-201007-241" }, { "db": "NVD", "id": "CVE-2010-2772" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. The Siemens SIMATIC WinCC data uses the built-in user name and password and does not inform the user that it needs to be modified. An attacker can use this information to read database data or inject code into a database. Siemens SIMATIC WinCC is affected by a vulnerability that allows attackers to bypass security. Successfully exploiting this issue may lead to further attacks. ----------------------------------------------------------------------\n\n\n\"From 2007 to 2009 vulnerabilities in a typical end-user PC almost doubled from about 220 to 420.\"\n\nNon-Microsoft software to blame for increase in vulnerabilities affecting typical Windows end-users, read more:\n\nhttp://secunia.com/gfx/pdf/Secunia_Half_Year_Report_2010.pdf\n\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Undocumented Database User Account\n\nSECUNIA ADVISORY ID:\nSA40682\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40682/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40682\n\nRELEASE DATE:\n2010-07-24\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40682/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40682/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40682\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA security issue has been reported in Siemens SIMATIC WinCC, which\ncan be exploited by malicious people to gain unauthorised access. \n\nSOLUTION:\nRestrict network access to the database to trusted users only. \n\nPROVIDED AND/OR DISCOVERED BY:\nDiscovered in the wild. \n\nORIGINAL ADVISORY:\nhttp://www.wilderssecurity.com/showpost.php?p=1712134\u0026postcount=22\nhttp://www.f-secure.com/weblog/archives/00001987.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2010-2772" }, { "db": "JVNDB", "id": "JVNDB-2010-001829" }, { "db": "CNVD", "id": "CNVD-2010-1369" }, { "db": "BID", "id": "41753" }, { "db": "IVD", "id": "06a89dde-2356-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1" }, { "db": "IVD", "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-45377" }, { "db": "VULMON", "id": "CVE-2010-2772" }, { "db": "PACKETSTORM", "id": "92130" } ], "trust": 3.24 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2010-2772", "trust": 4.3 }, { "db": "BID", "id": "41753", "trust": 2.9 }, { "db": "SECUNIA", "id": "40682", "trust": 2.1 }, { "db": "ICS CERT", "id": "ICSA-12-205-01", "trust": 2.0 }, { "db": "VUPEN", "id": "ADV-2010-1893", "trust": 1.9 }, { "db": "CNNVD", "id": "CNNVD-201007-241", "trust": 1.3 }, { "db": "CNVD", "id": "CNVD-2010-1369", "trust": 1.0 }, { "db": "XF", "id": "60587", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2010-001829", "trust": 0.8 }, { "db": "IVD", "id": "06A89DDE-2356-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "IVD", "id": "7D70CFDF-463F-11E9-AD83-000C29342CB1", "trust": 0.2 }, { "db": "IVD", "id": "407E95F0-1FB3-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-45377", "trust": 0.1 }, { "db": "VUPEN", "id": "2010/1893", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2010-2772", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "92130", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "06a89dde-2356-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1" }, { "db": "IVD", "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2010-1369" }, { "db": "VULHUB", "id": "VHN-45377" }, { "db": "VULMON", "id": "CVE-2010-2772" }, { "db": "BID", "id": "41753" }, { "db": "JVNDB", "id": "JVNDB-2010-001829" }, { "db": "PACKETSTORM", "id": "92130" }, { "db": "CNNVD", "id": "CNNVD-201007-241" }, { "db": "NVD", "id": "CVE-2010-2772" } ] }, "id": "VAR-201007-0198", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "06a89dde-2356-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1" }, { "db": "IVD", "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2010-1369" }, { "db": "VULHUB", "id": "VHN-45377" } ], "trust": 1.9286399 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 1.2 } ], "sources": [ { "db": "IVD", "id": "06a89dde-2356-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1" }, { "db": "IVD", "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2010-1369" } ] }, "last_update_date": "2024-11-23T22:46:22.480000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Product\u00a0Support", "trust": 0.8, "url": "http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo\u0026aktprim=0\u0026siteid=cseus\u0026lang=en\u0026siteid=cseus\u0026groupid=4000003\u0026groupid=4000003\u0026groupid=4000003\u0026extranet=standard\u0026viewreg=WW\u0026nodeid0=10805583" }, { "title": "Siemens SIMATIC WinCC default password security bypass vulnerability patch", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/81338" }, { "title": "win32-stuxnet", "trust": 0.1, "url": "https://github.com/uraninite/win32-stuxnet " }, { "title": "welivesecurity", "trust": 0.1, "url": "https://www.welivesecurity.com/2016/06/07/infrastructure-attacks-next-generation/" }, { "title": "Threatpost", "trust": 0.1, "url": "https://threatpost.com/kelihos-update-includes-new-tld-and-usb-infection-capabilities-121112/77299/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2010-1369" }, { "db": "VULMON", "id": "CVE-2010-2772" }, { "db": "JVNDB", "id": "JVNDB-2010-001829" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-798", "trust": 1.0 }, { "problemtype": "Use hard-coded credentials (CWE-798) [NVD evaluation ]", "trust": 0.8 }, { "problemtype": "CWE-255", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-45377" }, { "db": "JVNDB", "id": "JVNDB-2010-001829" }, { "db": "NVD", "id": "CVE-2010-2772" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "http://www.securityfocus.com/bid/41753" }, { "trust": 2.0, "url": "http://ics-cert.us-cert.gov/advisories/icsa-12-205-01" }, { "trust": 2.0, "url": "http://secunia.com/advisories/40682" }, { "trust": 2.0, "url": "http://www.vupen.com/english/advisories/2010/1893" }, { "trust": 1.8, "url": "http://www.sea.siemens.com/us/news/industrial/pages/wincc_update.aspx" }, { "trust": 1.8, "url": "http://infoworld.com/d/security-central/new-weaponized-virus-targets-industrial-secrets-725" }, { "trust": 1.8, "url": "http://infoworld.com/d/security-central/siemens-warns-users-dont-change-passwords-after-worm-attack-915?sourcefssr" }, { "trust": 1.8, "url": "http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/" }, { "trust": 1.8, "url": "http://www.wired.com/threatlevel/2010/07/siemens-scada/" }, { "trust": 1.7, "url": "http://www.automation.siemens.com/forum/guests/postshow.aspx?postid=16127\u002616127\u0026language=en\u0026pageindex=1" }, { "trust": 1.4, "url": "http://support.automation.siemens.com/ww/llisapi.dll?func=cslib.csinfo\u0026lang=en\u0026objid=43876783\u0026caller=viewhttp://support.automation.siemens.com/ww/llisapi.dll?func=cslib.csinfo\u0026lang=en\u0026objid=43876783\u0026c" }, { "trust": 1.3, "url": "http://www.f-secure.com/weblog/archives/00001987.html" }, { "trust": 1.2, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60587" }, { "trust": 1.2, "url": "http://www.wilderssecurity.com/showpost.php?p=1712134\u0026postcount=22" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2772" }, { "trust": 0.8, "url": "http://xforce.iss.net/xforce/xfdb/60587" }, { "trust": 0.6, "url": "http://it.slashdot.org/comments.pl?sid=1721020" }, { "trust": 0.3, "url": "http://it.slashdot.org/comments.pl?sid=1721020\u0026cid=32920758" }, { "trust": 0.3, "url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx" }, { "trust": 0.3, "url": "https://www.automation.siemens.com/forum/guests/postshow.aspx?postid=16127\u0026language=en\u0026pageindex=2" }, { "trust": 0.1, "url": "http://support.automation.siemens.com/ww/llisapi.dll?func=cslib.csinfo\u0026amp;lang=en\u0026amp;objid=43876783\u0026amp;caller=viewhttp://support.automation.siemens.com/ww/llisapi.dll?func=cslib.csinfo\u0026amp;lang=en\u0026amp;objid=43876783\u0026amp;c" }, { "trust": 0.1, "url": "http://www.automation.siemens.com/forum/guests/postshow.aspx?postid=16127\u0026amp;16127\u0026amp;language=en\u0026amp;pageindex=1" }, { "trust": 0.1, "url": "http://www.wilderssecurity.com/showpost.php?p=1712134\u0026amp;postcount=22" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/255.html" }, { "trust": 0.1, "url": "https://github.com/uraninite/win32-stuxnet" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=20969" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://threatpost.com/kelihos-update-includes-new-tld-and-usb-infection-capabilities-121112/77299/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40682" }, { "trust": 0.1, "url": "http://secunia.com/products/corporate/evm/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/40682/#comments" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/40682/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/gfx/pdf/secunia_half_year_report_2010.pdf" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2010-1369" }, { "db": "VULHUB", "id": "VHN-45377" }, { "db": "VULMON", "id": "CVE-2010-2772" }, { "db": "BID", "id": "41753" }, { "db": "JVNDB", "id": "JVNDB-2010-001829" }, { "db": "PACKETSTORM", "id": "92130" }, { "db": "CNNVD", "id": "CNNVD-201007-241" }, { "db": "NVD", "id": "CVE-2010-2772" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "06a89dde-2356-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1" }, { "db": "IVD", "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2010-1369" }, { "db": "VULHUB", "id": "VHN-45377" }, { "db": "VULMON", "id": "CVE-2010-2772" }, { "db": "BID", "id": "41753" }, { "db": "JVNDB", "id": "JVNDB-2010-001829" }, { "db": "PACKETSTORM", "id": "92130" }, { "db": "CNNVD", "id": "CNNVD-201007-241" }, { "db": "NVD", "id": "CVE-2010-2772" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2010-07-23T00:00:00", "db": "IVD", "id": "06a89dde-2356-11e6-abef-000c29c66e3d" }, { "date": "2010-07-18T00:00:00", "db": "IVD", "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1" }, { "date": "2010-07-18T00:00:00", "db": "IVD", "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d" }, { "date": "2010-07-18T00:00:00", "db": "CNVD", "id": "CNVD-2010-1369" }, { "date": "2010-07-22T00:00:00", "db": "VULHUB", "id": "VHN-45377" }, { "date": "2010-07-22T00:00:00", "db": "VULMON", "id": "CVE-2010-2772" }, { "date": "2010-07-16T00:00:00", "db": "BID", "id": "41753" }, { "date": "2010-08-16T00:00:00", "db": "JVNDB", "id": "JVNDB-2010-001829" }, { "date": "2010-07-26T12:08:47", "db": "PACKETSTORM", "id": "92130" }, { "date": "2010-07-23T00:00:00", "db": "CNNVD", "id": "CNNVD-201007-241" }, { "date": "2010-07-22T05:43:58.250000", "db": "NVD", "id": "CVE-2010-2772" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-09-13T00:00:00", "db": "CNVD", "id": "CNVD-2010-1369" }, { "date": "2017-08-17T00:00:00", "db": "VULHUB", "id": "VHN-45377" }, { "date": "2017-08-17T00:00:00", "db": "VULMON", "id": "CVE-2010-2772" }, { "date": "2015-03-19T09:27:00", "db": "BID", "id": "41753" }, { "date": "2024-03-01T04:05:00", "db": "JVNDB", "id": "JVNDB-2010-001829" }, { "date": "2010-07-23T00:00:00", "db": "CNNVD", "id": "CNNVD-201007-241" }, { "date": "2024-11-21T01:17:21.660000", "db": "NVD", "id": "CVE-2010-2772" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201007-241" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC WinCC Default Password Security Bypass Vulnerability", "sources": [ { "db": "IVD", "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1" }, { "db": "IVD", "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2010-1369" }, { "db": "BID", "id": "41753" } ], "trust": 1.3 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Trust management", "sources": [ { "db": "IVD", "id": "06a89dde-2356-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1" }, { "db": "IVD", "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d" }, { "db": "CNNVD", "id": "CNNVD-201007-241" } ], "trust": 1.2 } }
var-201711-1076
Vulnerability from variot
An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The improper input validation vulnerability has been identified, which may allow an authenticated remote attacker who is a member of the administrators group to crash services by sending specially crafted messages to the DCOM interface. SIMATIC PCS 7 is a set of distributed process control systems using WinCC from Siemens AG, Germany. Siemens SIMATIC PCS 7 is prone to a denial-of-service vulnerability. Remote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201711-1076", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs7", "scope": "eq", "trust": 1.9, "vendor": "siemens", "version": "8.2" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "8.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.3" }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic pcs sp1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.1\u003cv8.1" }, { "model": "simatic pcs upd", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v7.313" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.2" }, { "model": "simatic wincc update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.313" }, { "model": "simatic pcs7 sp1", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "8.1" }, { "model": "simatic pcs siemens simatic pcs upd 13siemens simatic pcs", "scope": "eq", "trust": 0.2, "vendor": "siemens", "version": "7v8.17v7.37v8.2" } ], "sources": [ { "db": "IVD", "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12" }, { "db": "CNVD", "id": "CNVD-2017-32563" }, { "db": "BID", "id": "101680" }, { "db": "JVNDB", "id": "JVNDB-2017-009948" }, { "db": "CNNVD", "id": "CNNVD-201708-1252" }, { "db": "NVD", "id": "CVE-2017-14023" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-009948" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Sergey Temnikov and Vladimir Dashchenko of Kaspersky Labs.", "sources": [ { "db": "BID", "id": "101680" } ], "trust": 0.3 }, "cve": "CVE-2017-14023", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "exploitabilityScore": 8.0, "id": "CVE-2017-14023", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2017-32563", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "exploitabilityScore": 8.0, "id": "VHN-104704", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 1.2, "id": "CVE-2017-14023", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 4.9, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2017-14023", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "High", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2017-14023", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2017-14023", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2017-32563", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201708-1252", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-104704", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12" }, { "db": "CNVD", "id": "CNVD-2017-32563" }, { "db": "VULHUB", "id": "VHN-104704" }, { "db": "JVNDB", "id": "JVNDB-2017-009948" }, { "db": "CNNVD", "id": "CNNVD-201708-1252" }, { "db": "NVD", "id": "CVE-2017-14023" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The improper input validation vulnerability has been identified, which may allow an authenticated remote attacker who is a member of the administrators group to crash services by sending specially crafted messages to the DCOM interface. SIMATIC PCS 7 is a set of distributed process control systems using WinCC from Siemens AG, Germany. Siemens SIMATIC PCS 7 is prone to a denial-of-service vulnerability. \nRemote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users", "sources": [ { "db": "NVD", "id": "CVE-2017-14023" }, { "db": "JVNDB", "id": "JVNDB-2017-009948" }, { "db": "CNVD", "id": "CNVD-2017-32563" }, { "db": "BID", "id": "101680" }, { "db": "IVD", "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12" }, { "db": "VULHUB", "id": "VHN-104704" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2017-14023", "trust": 3.6 }, { "db": "ICS CERT", "id": "ICSA-17-306-01", "trust": 3.4 }, { "db": "BID", "id": "101680", "trust": 2.0 }, { "db": "SECTRACK", "id": "1039729", "trust": 1.7 }, { "db": "CNNVD", "id": "CNNVD-201708-1252", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2017-32563", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2017-009948", "trust": 0.8 }, { "db": "IVD", "id": "0FE3415C-AF39-4C5B-A5D8-06FF8B01DB12", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-104704", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12" }, { "db": "CNVD", "id": "CNVD-2017-32563" }, { "db": "VULHUB", "id": "VHN-104704" }, { "db": "BID", "id": "101680" }, { "db": "JVNDB", "id": "JVNDB-2017-009948" }, { "db": "CNNVD", "id": "CNNVD-201708-1252" }, { "db": "NVD", "id": "CVE-2017-14023" } ] }, "id": "VAR-201711-1076", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12" }, { "db": "CNVD", "id": "CNVD-2017-32563" }, { "db": "VULHUB", "id": "VHN-104704" } ], "trust": 1.5482599333333333 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12" }, { "db": "CNVD", "id": "CNVD-2017-32563" } ] }, "last_update_date": "2024-11-23T22:07:25.748000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-523365", "trust": 0.8, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-523365.pdf" }, { "title": "Siemens SIMATIC PCS 7 patch for denial of service vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/105313" }, { "title": "Siemens SIMATIC PCS Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=100013" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-32563" }, { "db": "JVNDB", "id": "JVNDB-2017-009948" }, { "db": "CNNVD", "id": "CNNVD-201708-1252" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-104704" }, { "db": "JVNDB", "id": "JVNDB-2017-009948" }, { "db": "NVD", "id": "CVE-2017-14023" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.4, "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-306-01" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/101680" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1039729" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14023" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14023" }, { "trust": 0.3, "url": "http://www.siemens.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-32563" }, { "db": "VULHUB", "id": "VHN-104704" }, { "db": "BID", "id": "101680" }, { "db": "JVNDB", "id": "JVNDB-2017-009948" }, { "db": "CNNVD", "id": "CNNVD-201708-1252" }, { "db": "NVD", "id": "CVE-2017-14023" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12" }, { "db": "CNVD", "id": "CNVD-2017-32563" }, { "db": "VULHUB", "id": "VHN-104704" }, { "db": "BID", "id": "101680" }, { "db": "JVNDB", "id": "JVNDB-2017-009948" }, { "db": "CNNVD", "id": "CNNVD-201708-1252" }, { "db": "NVD", "id": "CVE-2017-14023" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-11-03T00:00:00", "db": "IVD", "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12" }, { "date": "2017-11-03T00:00:00", "db": "CNVD", "id": "CNVD-2017-32563" }, { "date": "2017-11-06T00:00:00", "db": "VULHUB", "id": "VHN-104704" }, { "date": "2017-11-02T00:00:00", "db": "BID", "id": "101680" }, { "date": "2017-11-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-009948" }, { "date": "2017-08-31T00:00:00", "db": "CNNVD", "id": "CNNVD-201708-1252" }, { "date": "2017-11-06T22:29:00.270000", "db": "NVD", "id": "CVE-2017-14023" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-11-03T00:00:00", "db": "CNVD", "id": "CNVD-2017-32563" }, { "date": "2021-11-15T00:00:00", "db": "VULHUB", "id": "VHN-104704" }, { "date": "2017-12-19T22:00:00", "db": "BID", "id": "101680" }, { "date": "2017-11-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-009948" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201708-1252" }, { "date": "2024-11-21T03:11:58.977000", "db": "NVD", "id": "CVE-2017-14023" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201708-1252" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC PCS 7 Denial of service vulnerability", "sources": [ { "db": "IVD", "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12" }, { "db": "CNVD", "id": "CNVD-2017-32563" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation error", "sources": [ { "db": "IVD", "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12" }, { "db": "BID", "id": "101680" }, { "db": "CNNVD", "id": "CNNVD-201708-1252" } ], "trust": 1.1 } }
var-202402-1390
Vulnerability from variot
A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain unorganized RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server. openpcs 7 , SIMATIC BATCH , SIMATIC PCS 7 For multiple Siemens products, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components. SIMATIC WinCC is a supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operator control and monitoring of machines and plants
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202402-1390", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc runtime professional", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "18" }, { "model": "openpcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic route control", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.5" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "19" }, { "model": "simatic batch", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic batch", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic route control", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "openpcs 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.1" }, { "model": "openpcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "79.1" }, { "model": "simatic batch", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "9.1" }, { "model": "simatic route control", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v18" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v19" }, { "model": "simatic wincc sp2 update", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "7.515" }, { "model": "simatic wincc sp4", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "8.0" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09315" }, { "db": "JVNDB", "id": "JVNDB-2023-027390" }, { "db": "NVD", "id": "CVE-2023-48363" } ] }, "cve": "CVE-2023-48363", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "CNVD-2024-09315", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "id": "CVE-2023-48363", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 6.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2023-48363", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2023-48363", "trust": 1.0, "value": "MEDIUM" }, { "author": "productcert@siemens.com", "id": "CVE-2023-48363", "trust": 1.0, "value": "High" }, { "author": "NVD", "id": "CVE-2023-48363", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2024-09315", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09315" }, { "db": "JVNDB", "id": "JVNDB-2023-027390" }, { "db": "NVD", "id": "CVE-2023-48363" }, { "db": "NVD", "id": "CVE-2023-48363" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in OpenPCS 7 V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions \u003c V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions \u003c V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions \u003c V8.0 Update 4). The implementation of the RPC (Remote Procedure call) \r\ncommunication protocol in the affected products do not \r\nproperly handle certain unorganized RPC messages. An \r\nattacker could use this vulnerability to cause a denial of service \r\ncondition in the RPC server. openpcs 7 , SIMATIC BATCH , SIMATIC PCS 7 For multiple Siemens products, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components. SIMATIC WinCC is a supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operator control and monitoring of machines and plants", "sources": [ { "db": "NVD", "id": "CVE-2023-48363" }, { "db": "JVNDB", "id": "JVNDB-2023-027390" }, { "db": "CNVD", "id": "CNVD-2024-09315" }, { "db": "VULMON", "id": "CVE-2023-48363" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-48363", "trust": 3.3 }, { "db": "SIEMENS", "id": "SSA-753746", "trust": 2.5 }, { "db": "ICS CERT", "id": "ICSA-24-046-12", "trust": 0.9 }, { "db": "JVN", "id": "JVNVU91198149", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU94620134", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2023-027390", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2024-09315", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2023-48363", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09315" }, { "db": "VULMON", "id": "CVE-2023-48363" }, { "db": "JVNDB", "id": "JVNDB-2023-027390" }, { "db": "NVD", "id": "CVE-2023-48363" } ] }, "id": "VAR-202402-1390", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2024-09315" } ], "trust": 1.295444247142857 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09315" } ] }, "last_update_date": "2024-10-24T21:07:58.957000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Null pointer dereference vulnerabilities in multiple Siemens products", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/526511" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09315" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-476", "trust": 1.0 }, { "problemtype": "NULL Pointer dereference (CWE-476) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-027390" }, { "db": "NVD", "id": "CVE-2023-48363" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://cert-portal.siemens.com/productcert/html/ssa-753746.html" }, { "trust": 0.9, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-12" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu91198149/" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu94620134/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-48363" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/476.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09315" }, { "db": "VULMON", "id": "CVE-2023-48363" }, { "db": "JVNDB", "id": "JVNDB-2023-027390" }, { "db": "NVD", "id": "CVE-2023-48363" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2024-09315" }, { "db": "VULMON", "id": "CVE-2023-48363" }, { "db": "JVNDB", "id": "JVNDB-2023-027390" }, { "db": "NVD", "id": "CVE-2023-48363" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-02-23T00:00:00", "db": "CNVD", "id": "CNVD-2024-09315" }, { "date": "2024-02-13T00:00:00", "db": "VULMON", "id": "CVE-2023-48363" }, { "date": "2024-10-21T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-027390" }, { "date": "2024-02-13T09:15:45.763000", "db": "NVD", "id": "CVE-2023-48363" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-02-21T00:00:00", "db": "CNVD", "id": "CNVD-2024-09315" }, { "date": "2024-02-13T00:00:00", "db": "VULMON", "id": "CVE-2023-48363" }, { "date": "2024-10-21T00:55:00", "db": "JVNDB", "id": "JVNDB-2023-027390" }, { "date": "2024-10-18T17:26:54.187000", "db": "NVD", "id": "CVE-2023-48363" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "in multiple Siemens products \u00a0NULL\u00a0 Pointer dereference vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-027390" } ], "trust": 0.8 } }
var-201905-1321
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The Siemens SIMATIC PCS 7 and SIMATIC WinCC input validation error vulnerability stems from a network system or product that does not properly validate the input data, and an authenticated attacker can exploit the vulnerability to execute arbitrary commands with SYSTEM privileges. Siemens SIMATIC products are prone to following security vulnerabilities: 1. A denial-of-service vulnerability 2. An SQL injection vulnerability3. 3. An arbitrary command execution Exploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. The following Siemens SIMATIC products are affected: SIMATIC PCS 7 version 8.0 and prior SIMATIC PCS 7 version 8.1 SIMATIC PCS 7 version 8.2 SIMATIC PCS 7 version 9.0 SIMATIC WinCC (TIA Portal) version 13 SIMATIC WinCC (TIA Portal) version 14 SIMATIC WinCC (TIA Portal) version 15 SIMATIC WinCC Runtime Professional, all version SIMATIC WinCC version 7.2 and prior SIMATIC WinCC version 7.3 SIMATIC WinCC version 7.4 SIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201905-1321", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc runtime professional", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.5" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "13.0" }, { "model": "simatic wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.1" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "v14" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "v15" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.1.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.3.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.5 upd3" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "13.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "14.x" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.5" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "8.0 and earlier" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.2.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.4.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "15.x" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "7.2 and earlier" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "9.0.x" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c=v8.0" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v7.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.3" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "simatic wincc upd3", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.5.*\u003cv7.5" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "6.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "79.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77" }, { "model": "simatic wincc update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.53" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.3" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.5" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "13.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "14.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "15.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime professional", "version": "*" } ], "sources": [ { "db": "IVD", "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7" }, { "db": "CNVD", "id": "CNVD-2019-14940" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004568" }, { "db": "NVD", "id": "CVE-2019-10918" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004568" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vladimir Dashchenko and Sergey Temnikov from Kaspersky Lab,ChengBin Wang from ZheJiang Guoli Security Technology, and ChengBin Wang from Guoli Security Technology reported these vulnerabilities to Siemens., CNCERT/CC", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-592" } ], "trust": 0.6 }, "cve": "CVE-2019-10918", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.0, "id": "CVE-2019-10918", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 1.9, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.0, "id": "CNVD-2019-14940", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.0, "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.0, "id": "VHN-142512", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2019-10918", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2019-10918", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-10918", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2019-10918", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2019-14940", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201905-592", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-142512", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2019-10918", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7" }, { "db": "CNVD", "id": "CNVD-2019-14940" }, { "db": "VULHUB", "id": "VHN-142512" }, { "db": "VULMON", "id": "CVE-2019-10918" }, { "db": "JVNDB", "id": "JVNDB-2019-004568" }, { "db": "CNNVD", "id": "CNNVD-201905-592" }, { "db": "NVD", "id": "CVE-2019-10918" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions \u003c V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd 3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The Siemens SIMATIC PCS 7 and SIMATIC WinCC input validation error vulnerability stems from a network system or product that does not properly validate the input data, and an authenticated attacker can exploit the vulnerability to execute arbitrary commands with SYSTEM privileges. Siemens SIMATIC products are prone to following security vulnerabilities:\n1. A denial-of-service vulnerability\n2. An SQL injection vulnerability3. \n3. An arbitrary command execution\nExploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. \nThe following Siemens SIMATIC products are affected:\nSIMATIC PCS 7 version 8.0 and prior\nSIMATIC PCS 7 version 8.1\nSIMATIC PCS 7 version 8.2\nSIMATIC PCS 7 version 9.0\nSIMATIC WinCC (TIA Portal) version 13\nSIMATIC WinCC (TIA Portal) version 14\nSIMATIC WinCC (TIA Portal) version 15\nSIMATIC WinCC Runtime Professional, all version\nSIMATIC WinCC version 7.2 and prior\nSIMATIC WinCC version 7.3\nSIMATIC WinCC version 7.4\nSIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3", "sources": [ { "db": "NVD", "id": "CVE-2019-10918" }, { "db": "JVNDB", "id": "JVNDB-2019-004568" }, { "db": "CNVD", "id": "CNVD-2019-14940" }, { "db": "BID", "id": "108404" }, { "db": "IVD", "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7" }, { "db": "VULHUB", "id": "VHN-142512" }, { "db": "VULMON", "id": "CVE-2019-10918" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-10918", "trust": 3.7 }, { "db": "ICS CERT", "id": "ICSA-19-134-08", "trust": 3.5 }, { "db": "SIEMENS", "id": "SSA-697412", "trust": 1.8 }, { "db": "BID", "id": "108404", "trust": 1.0 }, { "db": "CNNVD", "id": "CNNVD-201905-592", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2019-14940", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-004568", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-19-134-02", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.1716.2", "trust": 0.6 }, { "db": "IVD", "id": "63A18FD7-D96A-4DF7-A648-6F834337CFC7", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-142512", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2019-10918", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7" }, { "db": "CNVD", "id": "CNVD-2019-14940" }, { "db": "VULHUB", "id": "VHN-142512" }, { "db": "VULMON", "id": "CVE-2019-10918" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004568" }, { "db": "CNNVD", "id": "CNNVD-201905-592" }, { "db": "NVD", "id": "CVE-2019-10918" } ] }, "id": "VAR-201905-1321", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7" }, { "db": "CNVD", "id": "CNVD-2019-14940" }, { "db": "VULHUB", "id": "VHN-142512" } ], "trust": 1.5496564849999999 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7" }, { "db": "CNVD", "id": "CNVD-2019-14940" } ] }, "last_update_date": "2024-11-23T21:37:16.574000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-697412", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf" }, { "title": "Siemens SIMATIC PCS 7 and SIMATIC WinCC input patches for verification error vulnerabilities", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/161829" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=8ee2a5f6493c2fed7b0aee2edd85e1cb" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-14940" }, { "db": "VULMON", "id": "CVE-2019-10918" }, { "db": "JVNDB", "id": "JVNDB-2019-004568" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 }, { "problemtype": "CWE-749", "trust": 1.0 }, { "problemtype": "CWE-20", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-142512" }, { "db": "JVNDB", "id": "JVNDB-2019-004568" }, { "db": "NVD", "id": "CVE-2019-10918" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-08" }, { "trust": 1.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf" }, { "trust": 1.6, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-08" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10918" }, { "trust": 1.3, "url": "http://www.securityfocus.com/bid/108404" }, { "trust": 0.9, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10918" }, { "trust": 0.6, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/80946" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29286" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/20.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-14940" }, { "db": "VULHUB", "id": "VHN-142512" }, { "db": "VULMON", "id": "CVE-2019-10918" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004568" }, { "db": "CNNVD", "id": "CNNVD-201905-592" }, { "db": "NVD", "id": "CVE-2019-10918" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7" }, { "db": "CNVD", "id": "CNVD-2019-14940" }, { "db": "VULHUB", "id": "VHN-142512" }, { "db": "VULMON", "id": "CVE-2019-10918" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004568" }, { "db": "CNNVD", "id": "CNNVD-201905-592" }, { "db": "NVD", "id": "CVE-2019-10918" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-21T00:00:00", "db": "IVD", "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7" }, { "date": "2019-05-21T00:00:00", "db": "CNVD", "id": "CNVD-2019-14940" }, { "date": "2019-05-14T00:00:00", "db": "VULHUB", "id": "VHN-142512" }, { "date": "2019-05-14T00:00:00", "db": "VULMON", "id": "CVE-2019-10918" }, { "date": "2019-05-14T00:00:00", "db": "BID", "id": "108404" }, { "date": "2019-06-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004568" }, { "date": "2019-05-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-592" }, { "date": "2019-05-14T20:29:02.483000", "db": "NVD", "id": "CVE-2019-10918" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-21T00:00:00", "db": "CNVD", "id": "CNVD-2019-14940" }, { "date": "2019-10-10T00:00:00", "db": "VULHUB", "id": "VHN-142512" }, { "date": "2019-10-10T00:00:00", "db": "VULMON", "id": "CVE-2019-10918" }, { "date": "2019-05-22T06:00:00", "db": "BID", "id": "108404" }, { "date": "2019-07-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004568" }, { "date": "2021-10-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-592" }, { "date": "2024-11-21T04:20:08.927000", "db": "NVD", "id": "CVE-2019-10918" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-592" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural SIMATIC Vulnerability related to input validation in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004568" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-592" } ], "trust": 0.6 } }
var-202006-1828
Vulnerability from variot
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges. plural SIMATIC The product contains vulnerabilities in unquoted search paths or elements.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Opera Software, Opera, etc. are all products of Opera Software in Norway. Opera is a web browser, Siemens SIMATIC S7-1500, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 is a programmable logic controller. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Code issue vulnerabilities exist in several products. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1828", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs neo", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic prosave", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.5" }, { "model": "simatic automatic tool", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc runtime professional", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "13" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinamics starter commissioning tool", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc open architecture", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "3.17" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic net pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic net pc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic step 7", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime professional", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "sinec network management system", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic step 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "sinema server", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic step 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.6" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "sinamics startdrive", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinumerik one virtual", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinumerik operate", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc open architecture", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "3.16" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic s7-1500 software controller", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "21.8" }, { "model": "simatic step 7", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.6" }, { "model": "simatic automation tool", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic net pc software", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic pcs neo", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic prosave", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic step 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc oa", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime advanced", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "NVD", "id": "CVE-2020-7580" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_automation_tool", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_neo", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_prosave", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_step_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_open_architecture", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-006496" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Ander Martinez of Titanium Industrial Security and INCIBE reported this vulnerability to Siemens.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202006-636" } ], "trust": 0.6 }, "cve": "CVE-2020-7580", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.9, "id": "CVE-2020-7580", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 1.1, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Local", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 7.2, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "JVNDB-2020-006496", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.9, "id": "VHN-185705", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 0.8, "id": "CVE-2020-7580", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 6.7, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-006496", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "High", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2020-7580", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "JVNDB-2020-006496", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-202006-636", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-185705", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2020-7580", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-185705" }, { "db": "VULMON", "id": "CVE-2020-7580" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "CNNVD", "id": "CNNVD-202006-636" }, { "db": "NVD", "id": "CVE-2020-7580" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC Automation Tool (All versions \u003c V4 SP2), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Upd3), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC ProSave (All versions \u003c V17), SIMATIC S7-1500 Software Controller (All versions \u003c V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMATIC STEP 7 V5 (All versions \u003c V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions \u003c V3.16 P018), SIMATIC WinCC OA V3.17 (All versions \u003c V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions \u003c V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions \u003c V16 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 3), SINAMICS STARTER (All Versions \u003c V5.4 HF2), SINAMICS Startdrive (All Versions \u003c V16 Update 3), SINEC NMS (All versions \u003c V1.0 SP2), SINEMA Server (All versions \u003c V14 SP3), SINUMERIK ONE virtual (All Versions \u003c V6.14), SINUMERIK Operate (All Versions \u003c V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges. plural SIMATIC The product contains vulnerabilities in unquoted search paths or elements.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Opera Software, Opera, etc. are all products of Opera Software in Norway. Opera is a web browser, Siemens SIMATIC S7-1500, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 is a programmable logic controller. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Code issue vulnerabilities exist in several products. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products", "sources": [ { "db": "NVD", "id": "CVE-2020-7580" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "VULHUB", "id": "VHN-185705" }, { "db": "VULMON", "id": "CVE-2020-7580" } ], "trust": 1.8 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-7580", "trust": 2.6 }, { "db": "ICS CERT", "id": "ICSA-20-161-04", "trust": 2.6 }, { "db": "SIEMENS", "id": "SSA-312271", "trust": 1.8 }, { "db": "JVN", "id": "JVNVU97501786", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2020-006496", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202006-636", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2020.2015", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-185705", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2020-7580", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-185705" }, { "db": "VULMON", "id": "CVE-2020-7580" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "CNNVD", "id": "CNNVD-202006-636" }, { "db": "NVD", "id": "CVE-2020-7580" } ] }, "id": "VAR-202006-1828", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-185705" } ], "trust": 0.6991104690909089 }, "last_update_date": "2024-11-23T20:22:32.187000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-312271:Unquoted Search Path Vulnerabilities in Windows-based Industrial Software Applications", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf" }, { "title": "Multiple Siemens Product code issue vulnerability fixes", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=121186" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=9c51f352314e5a42566d9203d2f1e0a2" } ], "sources": [ { "db": "VULMON", "id": "CVE-2020-7580" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "CNNVD", "id": "CNNVD-202006-636" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-428", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-185705" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "NVD", "id": "CVE-2020-7580" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.2, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04" }, { "trust": 1.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7580" }, { "trust": 1.2, "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-04" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7580" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu97501786/" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-code-execution-via-windows-exe-extension-32489" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.2015/" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/428.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-20-161-04" } ], "sources": [ { "db": "VULHUB", "id": "VHN-185705" }, { "db": "VULMON", "id": "CVE-2020-7580" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "CNNVD", "id": "CNNVD-202006-636" }, { "db": "NVD", "id": "CVE-2020-7580" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-185705" }, { "db": "VULMON", "id": "CVE-2020-7580" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "CNNVD", "id": "CNNVD-202006-636" }, { "db": "NVD", "id": "CVE-2020-7580" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-06-10T00:00:00", "db": "VULHUB", "id": "VHN-185705" }, { "date": "2020-06-10T00:00:00", "db": "VULMON", "id": "CVE-2020-7580" }, { "date": "2020-07-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "date": "2020-06-09T00:00:00", "db": "CNNVD", "id": "CNNVD-202006-636" }, { "date": "2020-06-10T17:15:12.347000", "db": "NVD", "id": "CVE-2020-7580" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-12-13T00:00:00", "db": "VULHUB", "id": "VHN-185705" }, { "date": "2022-04-12T00:00:00", "db": "VULMON", "id": "CVE-2020-7580" }, { "date": "2020-07-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "date": "2022-12-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202006-636" }, { "date": "2024-11-21T05:37:24.840000", "db": "NVD", "id": "CVE-2020-7580" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202006-636" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural SIMATIC Vulnerabilities in unquoted search paths or elements in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-006496" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-202006-636" } ], "trust": 0.6 } }
var-201303-0257
Vulnerability from variot
Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to cause a denial of service via a crafted packet. A buffer overflow vulnerability exists in CCEServer in versions of Siemens WinCC prior to 7.2 used in SIMATIC PCS7. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0257", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "6.0" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.1" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "5.0" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.4, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "wincc", "version": "6.0" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "wincc", "version": "7.0" }, { "model": "simatic pcs 7", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "8.0 sp1" }, { "model": "wincc", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs sp1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c8.0" }, { "model": "simatic pcs7", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "wincc", "version": "5.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "wincc", "version": "*" } ], "sources": [ { "db": "IVD", "id": "08df6392-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02147" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "JVNDB", "id": "JVNDB-2013-001988" }, { "db": "CNNVD", "id": "CNNVD-201303-443" }, { "db": "NVD", "id": "CVE-2013-0675" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-001988" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies", "sources": [ { "db": "BID", "id": "58545" }, { "db": "CNNVD", "id": "CNNVD-201303-363" } ], "trust": 0.9 }, "cve": "CVE-2013-0675", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "CVE-2013-0675", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "CNVD-2013-02147", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2013-02175", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "08df6392-2353-11e6-abef-000c29c66e3d", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "VHN-60677", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2013-0675", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2013-0675", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2013-02147", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNVD", "id": "CNVD-2013-02175", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201303-443", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "08df6392-2353-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-60677", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "08df6392-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02147" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60677" }, { "db": "JVNDB", "id": "JVNDB-2013-001988" }, { "db": "CNNVD", "id": "CNNVD-201303-443" }, { "db": "NVD", "id": "CVE-2013-0675" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to cause a denial of service via a crafted packet. A buffer overflow vulnerability exists in CCEServer in versions of Siemens WinCC prior to 7.2 used in SIMATIC PCS7. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities\n2. A directory-traversal vulnerability\n3. Failed exploit attempts will result in a denial-of-service conditions", "sources": [ { "db": "NVD", "id": "CVE-2013-0675" }, { "db": "JVNDB", "id": "JVNDB-2013-001988" }, { "db": "CNVD", "id": "CNVD-2013-02147" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "BID", "id": "58545" }, { "db": "IVD", "id": "08df6392-2353-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-60677" } ], "trust": 3.24 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2013-0675", "trust": 3.7 }, { "db": "ICS CERT", "id": "ICSA-13-079-02", "trust": 2.8 }, { "db": "SIEMENS", "id": "SSA-714398", "trust": 2.0 }, { "db": "BID", "id": "58545", "trust": 1.5 }, { "db": "CNNVD", "id": "CNNVD-201303-443", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2013-02147", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2013-001988", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2013-02175", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201303-363", "trust": 0.6 }, { "db": "IVD", "id": "08DF6392-2353-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-60677", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "120899", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "08df6392-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02147" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60677" }, { "db": "BID", "id": "58545" }, { "db": "JVNDB", "id": "JVNDB-2013-001988" }, { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-443" }, { "db": "NVD", "id": "CVE-2013-0675" } ] }, "id": "VAR-201303-0257", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "08df6392-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02147" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60677" } ], "trust": 2.1048571666666667 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 1.4 } ], "sources": [ { "db": "IVD", "id": "08df6392-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02147" }, { "db": "CNVD", "id": "CNVD-2013-02175" } ] }, "last_update_date": "2024-11-23T21:45:45.034000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "http://www.siemens.com/entry/cc/en/" }, { "title": "SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1", "trust": 0.8, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc", "trust": 0.8, "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e", "trust": 0.8, "url": "http://www.siemens.com/answers/jp/ja/" }, { "title": "Patch for Siemens WinCC CCEServer Buffer Overflow Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/33000" }, { "title": "Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/33002" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-02147" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "JVNDB", "id": "JVNDB-2013-001988" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-60677" }, { "db": "JVNDB", "id": "JVNDB-2013-001988" }, { "db": "NVD", "id": "CVE-2013-0675" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf" }, { "trust": 2.0, "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf" }, { "trust": 1.4, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0675" }, { "trust": 1.2, "url": "http://www.securityfocus.com/bid/58545" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0675" }, { "trust": 0.8, "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf" }, { "trust": 0.3, "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0677" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0674" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0678" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0676" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0679" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0675" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-02147" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60677" }, { "db": "BID", "id": "58545" }, { "db": "JVNDB", "id": "JVNDB-2013-001988" }, { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-443" }, { "db": "NVD", "id": "CVE-2013-0675" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "08df6392-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02147" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60677" }, { "db": "BID", "id": "58545" }, { "db": "JVNDB", "id": "JVNDB-2013-001988" }, { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-443" }, { "db": "NVD", "id": "CVE-2013-0675" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-03-26T00:00:00", "db": "IVD", "id": "08df6392-2353-11e6-abef-000c29c66e3d" }, { "date": "2013-03-26T00:00:00", "db": "CNVD", "id": "CNVD-2013-02147" }, { "date": "2013-03-26T00:00:00", "db": "CNVD", "id": "CNVD-2013-02175" }, { "date": "2013-03-21T00:00:00", "db": "VULHUB", "id": "VHN-60677" }, { "date": "2013-03-15T00:00:00", "db": "BID", "id": "58545" }, { "date": "2013-03-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-001988" }, { "date": "2013-03-21T15:07:17", "db": "PACKETSTORM", "id": "120899" }, { "date": "2013-03-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-363" }, { "date": "2013-03-22T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-443" }, { "date": "2013-03-21T15:55:01.553000", "db": "NVD", "id": "CVE-2013-0675" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-03-26T00:00:00", "db": "CNVD", "id": "CNVD-2013-02147" }, { "date": "2013-03-26T00:00:00", "db": "CNVD", "id": "CNVD-2013-02175" }, { "date": "2013-03-22T00:00:00", "db": "VULHUB", "id": "VHN-60677" }, { "date": "2013-04-02T15:37:00", "db": "BID", "id": "58545" }, { "date": "2013-03-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-001988" }, { "date": "2013-03-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-363" }, { "date": "2013-03-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-443" }, { "date": "2024-11-21T01:47:59.333000", "db": "NVD", "id": "CVE-2013-0675" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens WinCC CCEServer Buffer Overflow Vulnerability", "sources": [ { "db": "IVD", "id": "08df6392-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02147" }, { "db": "CNNVD", "id": "CNNVD-201303-443" } ], "trust": 1.4 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow", "sources": [ { "db": "IVD", "id": "08df6392-2353-11e6-abef-000c29c66e3d" }, { "db": "CNNVD", "id": "CNNVD-201303-443" } ], "trust": 0.8 } }
var-201905-1324
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with local access to the project file could cause a Denial-of-Service condition on the affected product while the project file is loaded. Successful exploitation requires access to the project file. An attacker could use the vulnerability to compromise availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An input validation error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC that originated from a network system or product that did not properly validate the entered data. service. Siemens SIMATIC products are prone to following security vulnerabilities: 1. A denial-of-service vulnerability 2. An SQL injection vulnerability3. 3. An arbitrary command execution Exploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. The following Siemens SIMATIC products are affected: SIMATIC PCS 7 version 8.0 and prior SIMATIC PCS 7 version 8.1 SIMATIC PCS 7 version 8.2 SIMATIC PCS 7 version 9.0 SIMATIC WinCC (TIA Portal) version 13 SIMATIC WinCC (TIA Portal) version 14 SIMATIC WinCC (TIA Portal) version 15 SIMATIC WinCC Runtime Professional, all version SIMATIC WinCC version 7.2 and prior SIMATIC WinCC version 7.3 SIMATIC WinCC version 7.4 SIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201905-1324", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc runtime professional", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.5" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "13.0" }, { "model": "simatic wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.1" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "v14" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "v15" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.1.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.3.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.5 upd3" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "13.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "14.x" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.5" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "8.0 and earlier" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.2.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.4.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "15.x" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "7.2 and earlier" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "9.0.x" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.1" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=7.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.3" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "simatic wincc upd3", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.5.*\u003cv7.5" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "6.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "79.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77" }, { "model": "simatic wincc update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.53" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.3" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.5" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "13.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "14.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "15.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime professional", "version": "*" } ], "sources": [ { "db": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6" }, { "db": "CNVD", "id": "CNVD-2019-14939" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004567" }, { "db": "NVD", "id": "CVE-2019-10917" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004567" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vladimir Dashchenko and Sergey Temnikov from Kaspersky Lab, and ChengBin Wang from Guoli Security Technology, and ChengBin Wang from Guoli Security Technology reported these vulnerabilities to Siemens., CNCERT/CC", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-595" } ], "trust": 0.6 }, "cve": "CVE-2019-10917", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2019-10917", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 1.8, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CNVD-2019-14939", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 0.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 0.2, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "VHN-142511", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 1.8, "id": "CVE-2019-10917", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 5.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2019-10917", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-10917", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2019-10917", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2019-14939", "trust": 0.6, "value": "LOW" }, { "author": "CNNVD", "id": "CNNVD-201905-595", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-142511", "trust": 0.1, "value": "LOW" } ] } ], "sources": [ { "db": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6" }, { "db": "CNVD", "id": "CNVD-2019-14939" }, { "db": "VULHUB", "id": "VHN-142511" }, { "db": "JVNDB", "id": "JVNDB-2019-004567" }, { "db": "CNNVD", "id": "CNNVD-201905-595" }, { "db": "NVD", "id": "CVE-2019-10917" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions \u003c V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd 3). An attacker with local access to the project file could cause a Denial-of-Service condition on the affected product while the project file is loaded. Successful exploitation requires access to the project file. An attacker could use the vulnerability to compromise availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An input validation error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC that originated from a network system or product that did not properly validate the entered data. service. Siemens SIMATIC products are prone to following security vulnerabilities:\n1. A denial-of-service vulnerability\n2. An SQL injection vulnerability3. \n3. An arbitrary command execution\nExploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. \nThe following Siemens SIMATIC products are affected:\nSIMATIC PCS 7 version 8.0 and prior\nSIMATIC PCS 7 version 8.1\nSIMATIC PCS 7 version 8.2\nSIMATIC PCS 7 version 9.0\nSIMATIC WinCC (TIA Portal) version 13\nSIMATIC WinCC (TIA Portal) version 14\nSIMATIC WinCC (TIA Portal) version 15\nSIMATIC WinCC Runtime Professional, all version\nSIMATIC WinCC version 7.2 and prior\nSIMATIC WinCC version 7.3\nSIMATIC WinCC version 7.4\nSIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3", "sources": [ { "db": "NVD", "id": "CVE-2019-10917" }, { "db": "JVNDB", "id": "JVNDB-2019-004567" }, { "db": "CNVD", "id": "CNVD-2019-14939" }, { "db": "BID", "id": "108404" }, { "db": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6" }, { "db": "VULHUB", "id": "VHN-142511" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-10917", "trust": 3.6 }, { "db": "ICS CERT", "id": "ICSA-19-134-08", "trust": 3.4 }, { "db": "SIEMENS", "id": "SSA-697412", "trust": 1.7 }, { "db": "CNNVD", "id": "CNNVD-201905-595", "trust": 0.9 }, { "db": "BID", "id": "108404", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2019-14939", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-004567", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-19-134-02", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.1716.2", "trust": 0.6 }, { "db": "IVD", "id": "DF80F7D1-C23D-4B6B-A4D2-D114F7117CD6", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-142511", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6" }, { "db": "CNVD", "id": "CNVD-2019-14939" }, { "db": "VULHUB", "id": "VHN-142511" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004567" }, { "db": "CNNVD", "id": "CNNVD-201905-595" }, { "db": "NVD", "id": "CVE-2019-10917" } ] }, "id": "VAR-201905-1324", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6" }, { "db": "CNVD", "id": "CNVD-2019-14939" }, { "db": "VULHUB", "id": "VHN-142511" } ], "trust": 1.5496564849999999 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6" }, { "db": "CNVD", "id": "CNVD-2019-14939" } ] }, "last_update_date": "2024-11-23T21:37:17.536000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-697412", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf" }, { "title": "Patch for Siemens SIMATIC PCS 7 and SIMATIC WinCC Input Validation Error Vulnerability (CNVD-2019-14939)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/161831" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-14939" }, { "db": "JVNDB", "id": "JVNDB-2019-004567" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-755", "trust": 1.1 }, { "problemtype": "CWE-248", "trust": 1.0 }, { "problemtype": "CWE-20", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-142511" }, { "db": "JVNDB", "id": "JVNDB-2019-004567" }, { "db": "NVD", "id": "CVE-2019-10917" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-08" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf" }, { "trust": 1.5, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-08" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10917" }, { "trust": 1.2, "url": "http://www.securityfocus.com/bid/108404" }, { "trust": 0.9, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10917" }, { "trust": 0.6, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/80946" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29286" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-14939" }, { "db": "VULHUB", "id": "VHN-142511" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004567" }, { "db": "CNNVD", "id": "CNNVD-201905-595" }, { "db": "NVD", "id": "CVE-2019-10917" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6" }, { "db": "CNVD", "id": "CNVD-2019-14939" }, { "db": "VULHUB", "id": "VHN-142511" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004567" }, { "db": "CNNVD", "id": "CNNVD-201905-595" }, { "db": "NVD", "id": "CVE-2019-10917" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-21T00:00:00", "db": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6" }, { "date": "2019-05-21T00:00:00", "db": "CNVD", "id": "CNVD-2019-14939" }, { "date": "2019-05-14T00:00:00", "db": "VULHUB", "id": "VHN-142511" }, { "date": "2019-05-14T00:00:00", "db": "BID", "id": "108404" }, { "date": "2019-06-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004567" }, { "date": "2019-05-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-595" }, { "date": "2019-05-14T20:29:02.387000", "db": "NVD", "id": "CVE-2019-10917" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-21T00:00:00", "db": "CNVD", "id": "CNVD-2019-14939" }, { "date": "2021-11-02T00:00:00", "db": "VULHUB", "id": "VHN-142511" }, { "date": "2019-05-22T06:00:00", "db": "BID", "id": "108404" }, { "date": "2019-07-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004567" }, { "date": "2021-11-03T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-595" }, { "date": "2024-11-21T04:20:08.790000", "db": "NVD", "id": "CVE-2019-10917" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-595" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural SIMATIC Vulnerability related to input validation in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004567" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation error", "sources": [ { "db": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6" }, { "db": "BID", "id": "108404" }, { "db": "CNNVD", "id": "CNNVD-201905-595" } ], "trust": 1.1 } }
var-201303-0258
Vulnerability from variot
Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote authenticated users to obtain sensitive information via a SQL query. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0258", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "6.0" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.1" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "5.0" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.4, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "wincc", "version": "6.0" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "wincc", "version": "7.0" }, { "model": "simatic pcs 7", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "8.0 sp1" }, { "model": "simatic pcs sp1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c8.0" }, { "model": "simatic pcs7", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "wincc", "version": "5.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "wincc", "version": "*" } ], "sources": [ { "db": "IVD", "id": "09019714-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "JVNDB", "id": "JVNDB-2011-005228" }, { "db": "CNNVD", "id": "CNNVD-201303-444" }, { "db": "NVD", "id": "CVE-2013-0676" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-005228" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies", "sources": [ { "db": "BID", "id": "58545" }, { "db": "CNNVD", "id": "CNNVD-201303-363" } ], "trust": 0.9 }, "cve": "CVE-2013-0676", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "CVE-2013-0676", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2013-02175", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "09019714-2353-11e6-abef-000c29c66e3d", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "VHN-60678", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2013-0676", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2013-0676", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2013-02175", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201303-444", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "09019714-2353-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-60678", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "09019714-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60678" }, { "db": "JVNDB", "id": "JVNDB-2011-005228" }, { "db": "CNNVD", "id": "CNNVD-201303-444" }, { "db": "NVD", "id": "CVE-2013-0676" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote authenticated users to obtain sensitive information via a SQL query. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities\n2. A directory-traversal vulnerability\n3. Failed exploit attempts will result in a denial-of-service conditions", "sources": [ { "db": "NVD", "id": "CVE-2013-0676" }, { "db": "JVNDB", "id": "JVNDB-2011-005228" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "BID", "id": "58545" }, { "db": "IVD", "id": "09019714-2353-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-60678" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2013-0676", "trust": 3.1 }, { "db": "ICS CERT", "id": "ICSA-13-079-02", "trust": 2.8 }, { "db": "SIEMENS", "id": "SSA-714398", "trust": 2.0 }, { "db": "BID", "id": "58545", "trust": 1.5 }, { "db": "CNNVD", "id": "CNNVD-201303-444", "trust": 0.9 }, { "db": "JVNDB", "id": "JVNDB-2011-005228", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2013-02175", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201303-363", "trust": 0.6 }, { "db": "IVD", "id": "09019714-2353-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-60678", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "120899", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "09019714-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60678" }, { "db": "BID", "id": "58545" }, { "db": "JVNDB", "id": "JVNDB-2011-005228" }, { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-444" }, { "db": "NVD", "id": "CVE-2013-0676" } ] }, "id": "VAR-201303-0258", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "09019714-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60678" } ], "trust": 1.5048571666666666 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "09019714-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" } ] }, "last_update_date": "2024-11-23T21:45:48.547000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "http://www.siemens.com/entry/cc/en/" }, { "title": "SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1", "trust": 0.8, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc", "trust": 0.8, "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e", "trust": 0.8, "url": "http://www.siemens.com/answers/jp/ja/" }, { "title": "Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/33002" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "JVNDB", "id": "JVNDB-2011-005228" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-264", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-60678" }, { "db": "JVNDB", "id": "JVNDB-2011-005228" }, { "db": "NVD", "id": "CVE-2013-0676" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf" }, { "trust": 2.0, "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf" }, { "trust": 1.2, "url": "http://www.securityfocus.com/bid/58545" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0676" }, { "trust": 0.8, "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0676" }, { "trust": 0.3, "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0677" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0674" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0678" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0676" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0679" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0675" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60678" }, { "db": "BID", "id": "58545" }, { "db": "JVNDB", "id": "JVNDB-2011-005228" }, { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-444" }, { "db": "NVD", "id": "CVE-2013-0676" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "09019714-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60678" }, { "db": "BID", "id": "58545" }, { "db": "JVNDB", "id": "JVNDB-2011-005228" }, { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-444" }, { "db": "NVD", "id": "CVE-2013-0676" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-03-22T00:00:00", "db": "IVD", "id": "09019714-2353-11e6-abef-000c29c66e3d" }, { "date": "2013-03-26T00:00:00", "db": "CNVD", "id": "CNVD-2013-02175" }, { "date": "2013-03-21T00:00:00", "db": "VULHUB", "id": "VHN-60678" }, { "date": "2013-03-15T00:00:00", "db": "BID", "id": "58545" }, { "date": "2013-03-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-005228" }, { "date": "2013-03-21T15:07:17", "db": "PACKETSTORM", "id": "120899" }, { "date": "2013-03-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-363" }, { "date": "2013-03-22T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-444" }, { "date": "2013-03-21T15:55:01.567000", "db": "NVD", "id": "CVE-2013-0676" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-03-26T00:00:00", "db": "CNVD", "id": "CNVD-2013-02175" }, { "date": "2013-03-22T00:00:00", "db": "VULHUB", "id": "VHN-60678" }, { "date": "2013-04-02T15:37:00", "db": "BID", "id": "58545" }, { "date": "2013-03-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-005228" }, { "date": "2013-03-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-363" }, { "date": "2013-03-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-444" }, { "date": "2024-11-21T01:47:59.443000", "db": "NVD", "id": "CVE-2013-0676" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-444" } ], "trust": 1.3 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC WinCC And PCS 7 Multiple Security Vulnerabilities", "sources": [ { "db": "BID", "id": "58545" }, { "db": "CNNVD", "id": "CNNVD-201303-363" } ], "trust": 0.9 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "permissions and access control", "sources": [ { "db": "CNNVD", "id": "CNNVD-201303-444" } ], "trust": 0.6 } }
var-201303-0260
Vulnerability from variot
Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated users to obtain sensitive information via a SQL query. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0260", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.4, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.0" }, { "model": "simatic pcs 7", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "8.0 sp1" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "wincc", "version": "7.0" }, { "model": "simatic pcs sp1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c8.0" }, { "model": "simatic pcs7", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "wincc", "version": "*" } ], "sources": [ { "db": "IVD", "id": "0911ad8e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "JVNDB", "id": "JVNDB-2013-001990" }, { "db": "CNNVD", "id": "CNNVD-201303-446" }, { "db": "NVD", "id": "CVE-2013-0678" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-001990" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies", "sources": [ { "db": "BID", "id": "58545" }, { "db": "CNNVD", "id": "CNNVD-201303-363" } ], "trust": 0.9 }, "cve": "CVE-2013-0678", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "CVE-2013-0678", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2013-02175", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "0911ad8e-2353-11e6-abef-000c29c66e3d", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "VHN-60680", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2013-0678", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2013-0678", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2013-02175", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201303-446", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "0911ad8e-2353-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-60680", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "0911ad8e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60680" }, { "db": "JVNDB", "id": "JVNDB-2013-001990" }, { "db": "CNNVD", "id": "CNNVD-201303-446" }, { "db": "NVD", "id": "CVE-2013-0678" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated users to obtain sensitive information via a SQL query. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities\n2. A directory-traversal vulnerability\n3. Failed exploit attempts will result in a denial-of-service conditions", "sources": [ { "db": "NVD", "id": "CVE-2013-0678" }, { "db": "JVNDB", "id": "JVNDB-2013-001990" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "BID", "id": "58545" }, { "db": "IVD", "id": "0911ad8e-2353-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-60680" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2013-0678", "trust": 3.1 }, { "db": "ICS CERT", "id": "ICSA-13-079-02", "trust": 2.8 }, { "db": "SIEMENS", "id": "SSA-714398", "trust": 2.0 }, { "db": "BID", "id": "58545", "trust": 1.5 }, { "db": "CNNVD", "id": "CNNVD-201303-446", "trust": 0.9 }, { "db": "JVNDB", "id": "JVNDB-2013-001990", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2013-02175", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201303-363", "trust": 0.6 }, { "db": "IVD", "id": "0911AD8E-2353-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "120899", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-60680", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "0911ad8e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60680" }, { "db": "BID", "id": "58545" }, { "db": "JVNDB", "id": "JVNDB-2013-001990" }, { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-446" }, { "db": "NVD", "id": "CVE-2013-0678" } ] }, "id": "VAR-201303-0260", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "0911ad8e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60680" } ], "trust": 1.5048571666666666 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "0911ad8e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" } ] }, "last_update_date": "2024-11-23T21:45:48.595000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "http://www.siemens.com/entry/cc/en/" }, { "title": "SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1", "trust": 0.8, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc", "trust": 0.8, "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e", "trust": 0.8, "url": "http://www.siemens.com/answers/jp/ja/" }, { "title": "Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/33002" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "JVNDB", "id": "JVNDB-2013-001990" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-255", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-60680" }, { "db": "JVNDB", "id": "JVNDB-2013-001990" }, { "db": "NVD", "id": "CVE-2013-0678" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf" }, { "trust": 2.0, "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf" }, { "trust": 1.2, "url": "http://www.securityfocus.com/bid/58545" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0678" }, { "trust": 0.8, "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0678" }, { "trust": 0.3, "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0677" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0674" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0678" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0676" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0679" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0675" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60680" }, { "db": "BID", "id": "58545" }, { "db": "JVNDB", "id": "JVNDB-2013-001990" }, { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-446" }, { "db": "NVD", "id": "CVE-2013-0678" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "0911ad8e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60680" }, { "db": "BID", "id": "58545" }, { "db": "JVNDB", "id": "JVNDB-2013-001990" }, { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-446" }, { "db": "NVD", "id": "CVE-2013-0678" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-03-22T00:00:00", "db": "IVD", "id": "0911ad8e-2353-11e6-abef-000c29c66e3d" }, { "date": "2013-03-26T00:00:00", "db": "CNVD", "id": "CNVD-2013-02175" }, { "date": "2013-03-21T00:00:00", "db": "VULHUB", "id": "VHN-60680" }, { "date": "2013-03-15T00:00:00", "db": "BID", "id": "58545" }, { "date": "2013-03-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-001990" }, { "date": "2013-03-21T15:07:17", "db": "PACKETSTORM", "id": "120899" }, { "date": "2013-03-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-363" }, { "date": "2013-03-22T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-446" }, { "date": "2013-03-21T15:55:01.600000", "db": "NVD", "id": "CVE-2013-0678" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-03-26T00:00:00", "db": "CNVD", "id": "CNVD-2013-02175" }, { "date": "2013-03-22T00:00:00", "db": "VULHUB", "id": "VHN-60680" }, { "date": "2013-04-02T15:37:00", "db": "BID", "id": "58545" }, { "date": "2013-03-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-001990" }, { "date": "2013-03-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-363" }, { "date": "2013-03-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-446" }, { "date": "2024-11-21T01:47:59.673000", "db": "NVD", "id": "CVE-2013-0678" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-446" } ], "trust": 1.3 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC WinCC And PCS 7 Multiple Security Vulnerabilities", "sources": [ { "db": "BID", "id": "58545" }, { "db": "CNNVD", "id": "CNNVD-201303-363" } ], "trust": 0.9 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Trust management", "sources": [ { "db": "IVD", "id": "0911ad8e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNNVD", "id": "CNNVD-201303-446" } ], "trust": 0.8 } }
var-202003-0764
Vulnerability from variot
A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions < V8.2 Upd12), SIMATIC BATCH V9.0 (All versions < V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15.1 (All versions < V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (All versions < V16 Update 1), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition. Successful exploitation requires no system privileges and no user interaction. Multiple Siemens products contain input validation vulnerabilities.Service operation interruption (DoS) It may be put into a state. Both Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of the German company Siemens. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is a set of automated data acquisition and monitoring (SCADA) system. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected:
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202003-0764", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "14.0.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "16" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.5" }, { "model": "openpcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "openpcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0_update_1" }, { "model": "simatic net pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.1" }, { "model": "simatic route control", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.5.1" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic net pc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic batch", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic route control", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc software", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic openpcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic route control", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic net pc-software", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "openpcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.1" }, { "model": "openpcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.2" }, { "model": "simatic batch", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.1" }, { "model": "simatic batch", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.2" }, { "model": "simatic route control", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.1" }, { "model": "simatic route control", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.3" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.0" }, { "model": "openpcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.0" }, { "model": "simatic batch", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v9.0" }, { "model": "simatic route control", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v9.0" }, { "model": "simatic wincc upd1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "7.5.1" }, { "model": "simatic wincc sp2", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "13" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic wincc", "version": "13" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "openpcs 7", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "openpcs 7", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "openpcs 7", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic batch", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic batch", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic batch", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic net pc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic net pc", "version": "16" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic route control", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic route control", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic route control", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.3" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.5.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "14.0.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "15.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "16" } ], "sources": [ { "db": "IVD", "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098" }, { "db": "CNVD", "id": "CNVD-2020-23038" }, { "db": "JVNDB", "id": "JVNDB-2019-014892" }, { "db": "NVD", "id": "CVE-2019-19282" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_openpcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_route_control", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-014892" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Nicholas Miles from Tenable reported this vulnerability to Siemens.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202002-592" } ], "trust": 0.6 }, "cve": "CVE-2019-19282", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CVE-2019-19282", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 1.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 7.1, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2019-014892", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CNVD-2020-23038", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "VHN-151713", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2019-19282", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2019-014892", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-19282", "trust": 1.0, "value": "HIGH" }, { "author": "productcert@siemens.com", "id": "CVE-2019-19282", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "JVNDB-2019-014892", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2020-23038", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202002-592", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-151713", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2019-19282", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098" }, { "db": "CNVD", "id": "CNVD-2020-23038" }, { "db": "VULHUB", "id": "VHN-151713" }, { "db": "VULMON", "id": "CVE-2019-19282" }, { "db": "JVNDB", "id": "JVNDB-2019-014892" }, { "db": "CNNVD", "id": "CNNVD-202002-592" }, { "db": "NVD", "id": "CVE-2019-19282" }, { "db": "NVD", "id": "CVE-2019-19282" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions \u003c V8.2 Upd12), SIMATIC BATCH V9.0 (All versions \u003c V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions \u003c V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (All versions \u003c V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15.1 (All versions \u003c V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (All versions \u003c V16 Update 1), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition. \nSuccessful exploitation requires no system privileges and no user interaction. Multiple Siemens products contain input validation vulnerabilities.Service operation interruption (DoS) It may be put into a state. Both Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of the German company Siemens. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is a set of automated data acquisition and monitoring (SCADA) system. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected:", "sources": [ { "db": "NVD", "id": "CVE-2019-19282" }, { "db": "JVNDB", "id": "JVNDB-2019-014892" }, { "db": "CNVD", "id": "CNVD-2020-23038" }, { "db": "IVD", "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098" }, { "db": "VULHUB", "id": "VHN-151713" }, { "db": "VULMON", "id": "CVE-2019-19282" } ], "trust": 2.52 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-19282", "trust": 3.4 }, { "db": "ICS CERT", "id": "ICSA-20-042-06", "trust": 2.1 }, { "db": "SIEMENS", "id": "SSA-270778", "trust": 1.8 }, { "db": "CNVD", "id": "CNVD-2020-23038", "trust": 0.9 }, { "db": "CNNVD", "id": "CNNVD-202002-592", "trust": 0.9 }, { "db": "JVNDB", "id": "JVNDB-2019-014892", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-20-042-08", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-20-042-07", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-20-042-05", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-20-042-03", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-20-042-04", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-20-042-09", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-20-042-02", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-20-042-01", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-20-042-10", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.0486", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.0486.2", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.0486.3", "trust": 0.6 }, { "db": "IVD", "id": "F4962B74-9C97-44A9-9A1D-5D93CF01F098", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-151713", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2019-19282", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098" }, { "db": "CNVD", "id": "CNVD-2020-23038" }, { "db": "VULHUB", "id": "VHN-151713" }, { "db": "VULMON", "id": "CVE-2019-19282" }, { "db": "JVNDB", "id": "JVNDB-2019-014892" }, { "db": "CNNVD", "id": "CNNVD-202002-592" }, { "db": "NVD", "id": "CVE-2019-19282" } ] }, "id": "VAR-202003-0764", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098" }, { "db": "CNVD", "id": "CNVD-2020-23038" }, { "db": "VULHUB", "id": "VHN-151713" } ], "trust": 1.62645873125 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098" }, { "db": "CNVD", "id": "CNVD-2020-23038" } ] }, "last_update_date": "2024-11-23T21:20:20.713000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-270778", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf" }, { "title": "Patch for Multiple Siemens product input verification error vulnerabilities (CNVD-2020-23038)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/214033" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=800a481f0929c6152050035d1acdb727" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-23038" }, { "db": "VULMON", "id": "CVE-2019-19282" }, { "db": "JVNDB", "id": "JVNDB-2019-014892" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-131", "trust": 1.0 }, { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "CWE-20", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-151713" }, { "db": "JVNDB", "id": "JVNDB-2019-014892" }, { "db": "NVD", "id": "CVE-2019-19282" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-06" }, { "trust": 1.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-19282" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-19282" }, { "trust": 0.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-10" }, { "trust": 0.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-09" }, { "trust": 0.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-08" }, { "trust": 0.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-07" }, { "trust": 0.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-05" }, { "trust": 0.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-04" }, { "trust": 0.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-03" }, { "trust": 0.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-02" }, { "trust": 0.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-01" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.0486/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.0486.2/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.0486.3/" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-042-06" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-20-042-06" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2020-23038" }, { "db": "VULHUB", "id": "VHN-151713" }, { "db": "VULMON", "id": "CVE-2019-19282" }, { "db": "JVNDB", "id": "JVNDB-2019-014892" }, { "db": "CNNVD", "id": "CNNVD-202002-592" }, { "db": "NVD", "id": "CVE-2019-19282" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098" }, { "db": "CNVD", "id": "CNVD-2020-23038" }, { "db": "VULHUB", "id": "VHN-151713" }, { "db": "VULMON", "id": "CVE-2019-19282" }, { "db": "JVNDB", "id": "JVNDB-2019-014892" }, { "db": "CNNVD", "id": "CNNVD-202002-592" }, { "db": "NVD", "id": "CVE-2019-19282" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-02-11T00:00:00", "db": "IVD", "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098" }, { "date": "2020-04-16T00:00:00", "db": "CNVD", "id": "CNVD-2020-23038" }, { "date": "2020-03-10T00:00:00", "db": "VULHUB", "id": "VHN-151713" }, { "date": "2020-03-10T00:00:00", "db": "VULMON", "id": "CVE-2019-19282" }, { "date": "2020-03-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-014892" }, { "date": "2020-02-11T00:00:00", "db": "CNNVD", "id": "CNNVD-202002-592" }, { "date": "2020-03-10T20:15:18.960000", "db": "NVD", "id": "CVE-2019-19282" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-04-16T00:00:00", "db": "CNVD", "id": "CNVD-2020-23038" }, { "date": "2020-10-19T00:00:00", "db": "VULHUB", "id": "VHN-151713" }, { "date": "2022-04-12T00:00:00", "db": "VULMON", "id": "CVE-2019-19282" }, { "date": "2020-03-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-014892" }, { "date": "2023-04-12T00:00:00", "db": "CNNVD", "id": "CNNVD-202002-592" }, { "date": "2024-11-21T04:34:29.480000", "db": "NVD", "id": "CVE-2019-19282" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202002-592" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation vulnerabilities in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-014892" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation error", "sources": [ { "db": "IVD", "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098" }, { "db": "CNNVD", "id": "CNNVD-202002-592" } ], "trust": 0.8 } }
var-202006-1520
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information. Several Siemens products contain vulnerabilities in uncontrolled search path elements.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. A code issue vulnerability exists in several Siemens products
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1520", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "sinamics starter", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.4" }, { "model": "sinamics starter", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.4" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic process device manager", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic step 7", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.6" }, { "model": "simatic step 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.6" }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic process devise manager", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic step 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics starter", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-006491" }, { "db": "NVD", "id": "CVE-2020-7585" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_process_device_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_step_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:sinamics_starter", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-006491" } ] }, "cve": "CVE-2020-7585", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "CVE-2020-7585", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Local", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 4.6, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "JVNDB-2020-006491", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "VHN-185710", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2020-7585", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-006491", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2020-7585", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "JVNDB-2020-006491", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-202006-637", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-185710", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2020-7585", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-185710" }, { "db": "VULMON", "id": "CVE-2020-7585" }, { "db": "JVNDB", "id": "JVNDB-2020-006491" }, { "db": "CNNVD", "id": "CNNVD-202006-637" }, { "db": "NVD", "id": "CVE-2020-7585" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3), SIMATIC PDM (All versions \u003c V9.2), SIMATIC STEP 7 V5.X (All versions \u003c V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions \u003c V5.4 HF2). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information. Several Siemens products contain vulnerabilities in uncontrolled search path elements.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. A code issue vulnerability exists in several Siemens products", "sources": [ { "db": "NVD", "id": "CVE-2020-7585" }, { "db": "JVNDB", "id": "JVNDB-2020-006491" }, { "db": "VULHUB", "id": "VHN-185710" }, { "db": "VULMON", "id": "CVE-2020-7585" } ], "trust": 1.8 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-7585", "trust": 2.6 }, { "db": "ICS CERT", "id": "ICSA-20-161-05", "trust": 2.6 }, { "db": "SIEMENS", "id": "SSA-689942", "trust": 1.8 }, { "db": "JVN", "id": "JVNVU97501786", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2020-006491", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202006-637", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2020.2015", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-185710", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2020-7585", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-185710" }, { "db": "VULMON", "id": "CVE-2020-7585" }, { "db": "JVNDB", "id": "JVNDB-2020-006491" }, { "db": "CNNVD", "id": "CNNVD-202006-637" }, { "db": "NVD", "id": "CVE-2020-7585" } ] }, "id": "VAR-202006-1520", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-185710" } ], "trust": 0.7474592999999999 }, "last_update_date": "2024-11-23T19:48:28.180000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-689942", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf" }, { "title": "Multiple Siemens Product code issue vulnerability fixes", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121655" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=a4e9f15cd5160c08e29d73e3ccdb55da" } ], "sources": [ { "db": "VULMON", "id": "CVE-2020-7585" }, { "db": "JVNDB", "id": "JVNDB-2020-006491" }, { "db": "CNNVD", "id": "CNNVD-202006-637" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-427", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-185710" }, { "db": "JVNDB", "id": "JVNDB-2020-006491" }, { "db": "NVD", "id": "CVE-2020-7585" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.2, "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-05" }, { "trust": 2.3, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05" }, { "trust": 1.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7585" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7585" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu97501786/" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-two-vulnerabilities-32490" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.2015/" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/427.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/183162" } ], "sources": [ { "db": "VULHUB", "id": "VHN-185710" }, { "db": "VULMON", "id": "CVE-2020-7585" }, { "db": "JVNDB", "id": "JVNDB-2020-006491" }, { "db": "CNNVD", "id": "CNNVD-202006-637" }, { "db": "NVD", "id": "CVE-2020-7585" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-185710" }, { "db": "VULMON", "id": "CVE-2020-7585" }, { "db": "JVNDB", "id": "JVNDB-2020-006491" }, { "db": "CNNVD", "id": "CNNVD-202006-637" }, { "db": "NVD", "id": "CVE-2020-7585" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-06-10T00:00:00", "db": "VULHUB", "id": "VHN-185710" }, { "date": "2020-06-10T00:00:00", "db": "VULMON", "id": "CVE-2020-7585" }, { "date": "2020-07-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-006491" }, { "date": "2020-06-09T00:00:00", "db": "CNNVD", "id": "CNNVD-202006-637" }, { "date": "2020-06-10T17:15:12.457000", "db": "NVD", "id": "CVE-2020-7585" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-04-22T00:00:00", "db": "VULHUB", "id": "VHN-185710" }, { "date": "2021-04-22T00:00:00", "db": "VULMON", "id": "CVE-2020-7585" }, { "date": "2020-07-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-006491" }, { "date": "2022-03-11T00:00:00", "db": "CNNVD", "id": "CNNVD-202006-637" }, { "date": "2024-11-21T05:37:25.310000", "db": "NVD", "id": "CVE-2020-7585" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202006-637" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vulnerabilities in uncontrolled search path elements in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-006491" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-202006-637" } ], "trust": 0.6 } }
var-201407-0602
Vulnerability from variot
The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. Siemens SIMATIC WinCC and PCS7 are prone to an information-disclosure vulnerability. Siemens SIMATIC WinCC is the German Siemens ( Siemens ) The company's set of automated data collection and monitoring ( SCADA )system. The system provides process monitoring, data acquisition and other functions. PCS7 used with other products Siemens SIMATIC WinCC 7.3 previous version of WebNavigator There is a security hole in the server
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201407-0602", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": null, "scope": "eq", "trust": 2.4, "vendor": "wincc", "version": "6.0" }, { "model": null, "scope": "eq", "trust": 2.4, "vendor": "wincc", "version": "7.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "6.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.1" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.4, "vendor": "siemens", "version": "7.3" }, { "model": null, "scope": "eq", "trust": 1.2, "vendor": "wincc", "version": "5.0" }, { "model": null, "scope": "eq", "trust": 1.2, "vendor": "wincc", "version": "7.1" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic pcs7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.0" }, { "model": "simatic pcs 7", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic pcs7", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic pcs7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic pcs7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "wincc", "version": "*" }, { "model": "pcs7", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "8.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "6.2" } ], "sources": [ { "db": "IVD", "id": "e2da5658-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed" }, { "db": "IVD", "id": "7d801221-463f-11e9-a98b-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2014-04662" }, { "db": "BID", "id": "68876" }, { "db": "JVNDB", "id": "JVNDB-2014-003565" }, { "db": "CNNVD", "id": "CNNVD-201407-602" }, { "db": "NVD", "id": "CVE-2014-4682" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-003565" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai from Positive Technologies.", "sources": [ { "db": "BID", "id": "68876" } ], "trust": 0.3 }, "cve": "CVE-2014-4682", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2014-4682", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2014-04662", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "e2da5658-2351-11e6-abef-000c29c66e3d", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "7d801221-463f-11e9-a98b-000c29342cb1", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-72623", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2014-4682", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2014-4682", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2014-04662", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201407-602", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "e2da5658-2351-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "IVD", "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed", "trust": 0.2, "value": "MEDIUM" }, { "author": "IVD", "id": "7d801221-463f-11e9-a98b-000c29342cb1", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-72623", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "e2da5658-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed" }, { "db": "IVD", "id": "7d801221-463f-11e9-a98b-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2014-04662" }, { "db": "VULHUB", "id": "VHN-72623" }, { "db": "JVNDB", "id": "JVNDB-2014-003565" }, { "db": "CNNVD", "id": "CNNVD-201407-602" }, { "db": "NVD", "id": "CVE-2014-4682" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. Siemens SIMATIC WinCC and PCS7 are prone to an information-disclosure vulnerability. Siemens SIMATIC WinCC is the German Siemens ( Siemens ) The company\u0027s set of automated data collection and monitoring ( SCADA )system. The system provides process monitoring, data acquisition and other functions. PCS7 used with other products Siemens SIMATIC WinCC 7.3 previous version of WebNavigator There is a security hole in the server", "sources": [ { "db": "NVD", "id": "CVE-2014-4682" }, { "db": "JVNDB", "id": "JVNDB-2014-003565" }, { "db": "CNVD", "id": "CNVD-2014-04662" }, { "db": "BID", "id": "68876" }, { "db": "IVD", "id": "e2da5658-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed" }, { "db": "IVD", "id": "7d801221-463f-11e9-a98b-000c29342cb1" }, { "db": "VULHUB", "id": "VHN-72623" } ], "trust": 3.06 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-4682", "trust": 4.1 }, { "db": "SIEMENS", "id": "SSA-214365", "trust": 2.6 }, { "db": "CNNVD", "id": "CNNVD-201407-602", "trust": 1.3 }, { "db": "CNVD", "id": "CNVD-2014-04662", "trust": 1.2 }, { "db": "ICS CERT", "id": "ICSA-14-205-02", "trust": 1.1 }, { "db": "BID", "id": "68876", "trust": 1.0 }, { "db": "JVNDB", "id": "JVNDB-2014-003565", "trust": 0.8 }, { "db": "SECUNIA", "id": "60392", "trust": 0.6 }, { "db": "SECUNIA", "id": "60388", "trust": 0.6 }, { "db": "IVD", "id": "E2DA5658-2351-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "IVD", "id": "00716B3E-FF45-48A1-BC94-7CBFC25E11ED", "trust": 0.2 }, { "db": "IVD", "id": "7D801221-463F-11E9-A98B-000C29342CB1", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "127660", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-72623", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "e2da5658-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed" }, { "db": "IVD", "id": "7d801221-463f-11e9-a98b-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2014-04662" }, { "db": "VULHUB", "id": "VHN-72623" }, { "db": "BID", "id": "68876" }, { "db": "JVNDB", "id": "JVNDB-2014-003565" }, { "db": "PACKETSTORM", "id": "127660" }, { "db": "CNNVD", "id": "CNNVD-201407-602" }, { "db": "NVD", "id": "CVE-2014-4682" } ] }, "id": "VAR-201407-0602", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "e2da5658-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed" }, { "db": "IVD", "id": "7d801221-463f-11e9-a98b-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2014-04662" }, { "db": "VULHUB", "id": "VHN-72623" } ], "trust": 2.003642875 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 1.2 } ], "sources": [ { "db": "IVD", "id": "e2da5658-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed" }, { "db": "IVD", "id": "7d801221-463f-11e9-a98b-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2014-04662" } ] }, "last_update_date": "2024-11-23T22:31:17.561000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-214365", "trust": 0.8, "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf" }, { "title": "Patch for Siemens SIMATIC WinCC and PCS7 WebNavigator Server Information Disclosure Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/47904" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-04662" }, { "db": "JVNDB", "id": "JVNDB-2014-003565" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-200", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-72623" }, { "db": "JVNDB", "id": "JVNDB-2014-003565" }, { "db": "NVD", "id": "CVE-2014-4682" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf" }, { "trust": 1.4, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4682" }, { "trust": 1.1, "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-205-02" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4682" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/68876" }, { "trust": 0.6, "url": "http://secunia.com/advisories/60388" }, { "trust": 0.6, "url": "http://secunia.com/advisories/60392" }, { "trust": 0.3, "url": "http://www.siemens.com/" }, { "trust": 0.3, "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4684" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4683" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4685" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4686" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4682" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-04662" }, { "db": "VULHUB", "id": "VHN-72623" }, { "db": "BID", "id": "68876" }, { "db": "JVNDB", "id": "JVNDB-2014-003565" }, { "db": "PACKETSTORM", "id": "127660" }, { "db": "CNNVD", "id": "CNNVD-201407-602" }, { "db": "NVD", "id": "CVE-2014-4682" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "e2da5658-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed" }, { "db": "IVD", "id": "7d801221-463f-11e9-a98b-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2014-04662" }, { "db": "VULHUB", "id": "VHN-72623" }, { "db": "BID", "id": "68876" }, { "db": "JVNDB", "id": "JVNDB-2014-003565" }, { "db": "PACKETSTORM", "id": "127660" }, { "db": "CNNVD", "id": "CNNVD-201407-602" }, { "db": "NVD", "id": "CVE-2014-4682" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-07-28T00:00:00", "db": "IVD", "id": "e2da5658-2351-11e6-abef-000c29c66e3d" }, { "date": "2014-07-28T00:00:00", "db": "IVD", "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed" }, { "date": "2014-07-28T00:00:00", "db": "IVD", "id": "7d801221-463f-11e9-a98b-000c29342cb1" }, { "date": "2014-07-28T00:00:00", "db": "CNVD", "id": "CNVD-2014-04662" }, { "date": "2014-07-24T00:00:00", "db": "VULHUB", "id": "VHN-72623" }, { "date": "2014-07-24T00:00:00", "db": "BID", "id": "68876" }, { "date": "2014-07-28T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-003565" }, { "date": "2014-07-29T22:37:22", "db": "PACKETSTORM", "id": "127660" }, { "date": "2014-07-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201407-602" }, { "date": "2014-07-24T14:55:08.020000", "db": "NVD", "id": "CVE-2014-4682" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-07-28T00:00:00", "db": "CNVD", "id": "CNVD-2014-04662" }, { "date": "2014-07-25T00:00:00", "db": "VULHUB", "id": "VHN-72623" }, { "date": "2015-03-19T08:39:00", "db": "BID", "id": "68876" }, { "date": "2014-08-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-003565" }, { "date": "2014-07-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201407-602" }, { "date": "2024-11-21T02:10:41.677000", "db": "NVD", "id": "CVE-2014-4682" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201407-602" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC WinCC and PCS7 WebNavigator Server Information Disclosure Vulnerability", "sources": [ { "db": "CNVD", "id": "CNVD-2014-04662" }, { "db": "BID", "id": "68876" } ], "trust": 0.9 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Information leakage", "sources": [ { "db": "IVD", "id": "e2da5658-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed" }, { "db": "IVD", "id": "7d801221-463f-11e9-a98b-000c29342cb1" } ], "trust": 0.6 } }
var-202107-1338
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). A directory containing metafiles relevant to devices' configurations has write permissions. An attacker could leverage this vulnerability by changing the content of certain metafiles and subsequently manipulate parameters or behavior of devices that would be later configured by the affected software. Multiple Siemens products are vulnerable to improper assignment of permissions to critical resources.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Siemens SIMATIC PCS 7 is a set of process control system of Germany Siemens (Siemens) company. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202107-1338", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pdm", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "simatic step 7", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "5.0" }, { "model": "sinamics starter", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.4" }, { "model": "sinamics starter", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.4" }, { "model": "simatic step 7", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.7" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic pdm", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "sinamics starter", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic step 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic pdm", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c=v8.2" }, { "model": "sinamics starter", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7" }, { "model": "simatic step", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003cv5.7" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.x" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-67536" }, { "db": "JVNDB", "id": "JVNDB-2021-012062" }, { "db": "NVD", "id": "CVE-2021-31894" } ] }, "cve": "CVE-2021-31894", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.9, "id": "CVE-2021-31894", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 1.8, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.9, "id": "CNVD-2021-67536", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.0, "id": "CVE-2021-31894", "impactScore": 6.0, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2021-31894", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Changed", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2021-31894", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2021-31894", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2021-67536", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202104-975", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202107-700", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-67536" }, { "db": "JVNDB", "id": "JVNDB-2021-012062" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202107-700" }, { "db": "NVD", "id": "CVE-2021-31894" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions \u003c V9.1 SP2), SIMATIC PDM (All versions \u003c V9.2 SP2), SIMATIC STEP 7 V5.X (All versions \u003c V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions \u003c V5.4 SP2 HF1). A directory containing metafiles relevant to devices\u0027 configurations has write permissions. An attacker could leverage this vulnerability by changing the content of certain metafiles and subsequently manipulate parameters or behavior of devices that would be later configured by the affected software. Multiple Siemens products are vulnerable to improper assignment of permissions to critical resources.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Siemens SIMATIC PCS 7 is a set of process control system of Germany Siemens (Siemens) company. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements", "sources": [ { "db": "NVD", "id": "CVE-2021-31894" }, { "db": "JVNDB", "id": "JVNDB-2021-012062" }, { "db": "CNVD", "id": "CNVD-2021-67536" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "VULMON", "id": "CVE-2021-31894" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-31894", "trust": 3.9 }, { "db": "SIEMENS", "id": "SSA-661034", "trust": 2.3 }, { "db": "JVNDB", "id": "JVNDB-2021-012062", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2021-67536", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021041363", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202104-975", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021071421", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.2399", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202107-700", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2021-31894", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-67536" }, { "db": "VULMON", "id": "CVE-2021-31894" }, { "db": "JVNDB", "id": "JVNDB-2021-012062" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202107-700" }, { "db": "NVD", "id": "CVE-2021-31894" } ] }, "id": "VAR-202107-1338", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2021-67536" } ], "trust": 1.2983238175 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-67536" } ] }, "last_update_date": "2024-08-14T12:46:41.505000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-661034", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf" }, { "title": "Patch for Siemens SIMATIC PCS 7 Security Bypass Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/289056" }, { "title": "Siemens SIMATIC PCS 7 Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=156393" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=cffed51f1493fdc6097a2354da39b18a" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-67536" }, { "db": "VULMON", "id": "CVE-2021-31894" }, { "db": "JVNDB", "id": "JVNDB-2021-012062" }, { "db": "CNNVD", "id": "CNNVD-202107-700" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-732", "trust": 1.0 }, { "problemtype": "Improper permission assignment for critical resources (CWE-732) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-012062" }, { "db": "NVD", "id": "CVE-2021-31894" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661034.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-31894" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-privilege-escalation-via-metafiles-35868" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.2399" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021071421" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/732.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://cert-portal.siemens.com/productcert/txt/ssa-661034.txt" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-67536" }, { "db": "VULMON", "id": "CVE-2021-31894" }, { "db": "JVNDB", "id": "JVNDB-2021-012062" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202107-700" }, { "db": "NVD", "id": "CVE-2021-31894" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2021-67536" }, { "db": "VULMON", "id": "CVE-2021-31894" }, { "db": "JVNDB", "id": "JVNDB-2021-012062" }, { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202107-700" }, { "db": "NVD", "id": "CVE-2021-31894" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-09-02T00:00:00", "db": "CNVD", "id": "CNVD-2021-67536" }, { "date": "2021-07-13T00:00:00", "db": "VULMON", "id": "CVE-2021-31894" }, { "date": "2022-08-23T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-012062" }, { "date": "2021-04-13T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-975" }, { "date": "2021-07-13T00:00:00", "db": "CNNVD", "id": "CNNVD-202107-700" }, { "date": "2021-07-13T11:15:09.603000", "db": "NVD", "id": "CVE-2021-31894" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-01-18T00:00:00", "db": "CNVD", "id": "CNVD-2021-67536" }, { "date": "2021-07-13T00:00:00", "db": "VULMON", "id": "CVE-2021-31894" }, { "date": "2022-08-23T03:25:00", "db": "JVNDB", "id": "JVNDB-2021-012062" }, { "date": "2021-04-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-975" }, { "date": "2022-08-11T00:00:00", "db": "CNNVD", "id": "CNNVD-202107-700" }, { "date": "2022-08-10T20:28:00.357000", "db": "NVD", "id": "CVE-2021-31894" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202107-700" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Improper assignment of permissions to critical resources in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-012062" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202104-975" }, { "db": "CNNVD", "id": "CNNVD-202107-700" } ], "trust": 1.2 } }
var-202402-1389
Vulnerability from variot
A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain malformed RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server. openpcs 7 , SIMATIC BATCH , SIMATIC PCS 7 For multiple Siemens products, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components. SIMATIC WinCC is a supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operator control and monitoring of machines and plants
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202402-1389", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc runtime professional", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "18" }, { "model": "openpcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic route control", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.5" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "19" }, { "model": "simatic batch", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic batch", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic route control", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "openpcs 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.1" }, { "model": "openpcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "79.1" }, { "model": "simatic batch", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "9.1" }, { "model": "simatic route control", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v18" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v19" }, { "model": "simatic wincc sp2 update", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "7.515" }, { "model": "simatic wincc sp4", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "8.0" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09314" }, { "db": "JVNDB", "id": "JVNDB-2023-027393" }, { "db": "NVD", "id": "CVE-2023-48364" } ] }, "cve": "CVE-2023-48364", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "CNVD-2024-09314", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "id": "CVE-2023-48364", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 6.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2023-48364", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2023-48364", "trust": 1.0, "value": "MEDIUM" }, { "author": "productcert@siemens.com", "id": "CVE-2023-48364", "trust": 1.0, "value": "High" }, { "author": "NVD", "id": "CVE-2023-48364", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2024-09314", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09314" }, { "db": "JVNDB", "id": "JVNDB-2023-027393" }, { "db": "NVD", "id": "CVE-2023-48364" }, { "db": "NVD", "id": "CVE-2023-48364" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in OpenPCS 7 V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions \u003c V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions \u003c V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions \u003c V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain malformed RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server. openpcs 7 , SIMATIC BATCH , SIMATIC PCS 7 For multiple Siemens products, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components. SIMATIC WinCC is a supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operator control and monitoring of machines and plants", "sources": [ { "db": "NVD", "id": "CVE-2023-48364" }, { "db": "JVNDB", "id": "JVNDB-2023-027393" }, { "db": "CNVD", "id": "CNVD-2024-09314" }, { "db": "VULMON", "id": "CVE-2023-48364" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-48364", "trust": 3.3 }, { "db": "SIEMENS", "id": "SSA-753746", "trust": 2.5 }, { "db": "ICS CERT", "id": "ICSA-24-046-12", "trust": 0.9 }, { "db": "JVN", "id": "JVNVU91198149", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU94620134", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2023-027393", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2024-09314", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2023-48364", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09314" }, { "db": "VULMON", "id": "CVE-2023-48364" }, { "db": "JVNDB", "id": "JVNDB-2023-027393" }, { "db": "NVD", "id": "CVE-2023-48364" } ] }, "id": "VAR-202402-1389", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2024-09314" } ], "trust": 1.295444247142857 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09314" } ] }, "last_update_date": "2024-10-24T20:52:21.130000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Null pointer dereference vulnerability (CNVD-2024-09314) in multiple Siemens products", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/526516" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09314" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-476", "trust": 1.0 }, { "problemtype": "NULL Pointer dereference (CWE-476) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-027393" }, { "db": "NVD", "id": "CVE-2023-48364" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://cert-portal.siemens.com/productcert/html/ssa-753746.html" }, { "trust": 0.9, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-12" }, { "trust": 0.8, "url": "https://jvn.jp/vu/\u3010\u81ea\u52d5\uff1a\u8981jvnvu\u8ffd\u52a0\u3011\u30b7\u30fc\u30e1\u30f3\u30b9/" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu91198149/" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu94620134/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-48364" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09314" }, { "db": "VULMON", "id": "CVE-2023-48364" }, { "db": "JVNDB", "id": "JVNDB-2023-027393" }, { "db": "NVD", "id": "CVE-2023-48364" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2024-09314" }, { "db": "VULMON", "id": "CVE-2023-48364" }, { "db": "JVNDB", "id": "JVNDB-2023-027393" }, { "db": "NVD", "id": "CVE-2023-48364" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-02-23T00:00:00", "db": "CNVD", "id": "CNVD-2024-09314" }, { "date": "2024-02-13T00:00:00", "db": "VULMON", "id": "CVE-2023-48364" }, { "date": "2024-10-21T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-027393" }, { "date": "2024-02-13T09:15:45.980000", "db": "NVD", "id": "CVE-2023-48364" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-02-21T00:00:00", "db": "CNVD", "id": "CNVD-2024-09314" }, { "date": "2024-02-13T00:00:00", "db": "VULMON", "id": "CVE-2023-48364" }, { "date": "2024-10-21T06:57:00", "db": "JVNDB", "id": "JVNDB-2023-027393" }, { "date": "2024-10-18T17:26:22.937000", "db": "NVD", "id": "CVE-2023-48364" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "in multiple Siemens products \u00a0NULL\u00a0 Pointer dereference vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-027393" } ], "trust": 0.8 } }
var-201907-1455
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (All versions), SIMATIC WinCC Professional (TIA Portal V14) (All versions < V14 SP1 Upd 9), SIMATIC WinCC Professional (TIA Portal V15) (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). The SIMATIC WinCC DataMonitor web application of the affected products allows to upload arbitrary ASPX code. The security vulnerability could be exploited by an authenticated attacker with network access to the WinCC DataMonitor application. No user interaction is required to exploit this vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the affected device. At the stage of publishing this security advisory no public exploitation is known. plural SIMATIC The product contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The SIMATIC WinCC DataMonitor web is one of the data analysis and display components.
A security vulnerability exists in the SIMATIC WinCC DataMonitor web in several Siemens products. Siemens SIMATIC WinCC and SIMATIC PCS 7 are prone to an arbitrary file-upload vulnerability
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201907-1455", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.5" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "simatic wincc runtime", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic wincc runtime", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.1" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic wincc runtime", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "13" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7v8.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7v8.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7v9.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "v7.3" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "v14" }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c=v8.0" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v15" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v7.2" }, { "model": "simatic wincc professional (tia portal", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v13)" }, { "model": "simatic wincc professional (tia portal", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v14)" }, { "model": "simatic wincc professional (tia portal", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v15)" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.5" }, { "model": "simatic wincc runtime professional update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v15.11" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc runtime professional update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "154" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc runtime professional sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime professional sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime professional sp1 upd2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime professional sp update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1319" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc professional sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc professional sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.41" }, { "model": "simatic wincc sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.32" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.313" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.311" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.310" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.31" }, { "model": "simatic wincc upd4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.29" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc sp3 upd", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.08" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "6.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "79.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.0" }, { "model": "simatic wincc update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.53" }, { "model": "simatic wincc sp-1 upd-11", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic pcs sp-2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "79.0" }, { "model": "simatic pcs sp-1", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "78.2" }, { "model": "simatic pcs siemens simatic wincc", "scope": "eq", "trust": 0.2, "vendor": "siemens", "version": "7\u003c=v8.0\u003c=v7.2" }, { "model": "simatic wincc siemens simatic wincc professional (tia portal siemens simatic wincc professional (tia portal siemens simatic w", "scope": "eq", "trust": 0.2, "vendor": "siemens", "version": "v7.4v15)v14)" }, { "model": "simatic wincc runtime professional siemens simatic wincc", "scope": "eq", "trust": 0.2, "vendor": "siemens", "version": "v15v7.5" } ], "sources": [ { "db": "IVD", "id": "69364700-0a59-4c18-a969-e06b68873d4f" }, { "db": "CNVD", "id": "CNVD-2019-22244" }, { "db": "BID", "id": "109127" }, { "db": "JVNDB", "id": "JVNDB-2019-006590" }, { "db": "NVD", "id": "CVE-2019-10935" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-006590" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Xuchen Zhu from ZheJiang Guoli Security Technology CNCERT/CC", "sources": [ { "db": "CNNVD", "id": "CNNVD-201907-609" } ], "trust": 0.6 }, "cve": "CVE-2019-10935", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "CVE-2019-10935", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.9, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "CNVD-2019-22244", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "69364700-0a59-4c18-a969-e06b68873d4f", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "VHN-142531", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.2, "id": "CVE-2019-10935", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-10935", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2019-10935", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2019-22244", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201907-609", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "69364700-0a59-4c18-a969-e06b68873d4f", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-142531", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2019-10935", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "69364700-0a59-4c18-a969-e06b68873d4f" }, { "db": "CNVD", "id": "CNVD-2019-22244" }, { "db": "VULHUB", "id": "VHN-142531" }, { "db": "VULMON", "id": "CVE-2019-10935" }, { "db": "JVNDB", "id": "JVNDB-2019-006590" }, { "db": "CNNVD", "id": "CNNVD-201907-609" }, { "db": "NVD", "id": "CVE-2019-10935" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions \u003c V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (All versions), SIMATIC WinCC Professional (TIA Portal V14) (All versions \u003c V14 SP1 Upd 9), SIMATIC WinCC Professional (TIA Portal V15) (All versions \u003c V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd 3). The SIMATIC WinCC DataMonitor web application of the affected products allows to upload arbitrary ASPX code. The security vulnerability could be exploited by an authenticated attacker with network access to the WinCC DataMonitor application. No user interaction is required to exploit this vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the affected device. At the stage of publishing this security advisory no public exploitation is known. plural SIMATIC The product contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The SIMATIC WinCC DataMonitor web is one of the data analysis and display components. \n\nA security vulnerability exists in the SIMATIC WinCC DataMonitor web in several Siemens products. Siemens SIMATIC WinCC and SIMATIC PCS 7 are prone to an arbitrary file-upload vulnerability", "sources": [ { "db": "NVD", "id": "CVE-2019-10935" }, { "db": "JVNDB", "id": "JVNDB-2019-006590" }, { "db": "CNVD", "id": "CNVD-2019-22244" }, { "db": "BID", "id": "109127" }, { "db": "IVD", "id": "69364700-0a59-4c18-a969-e06b68873d4f" }, { "db": "VULHUB", "id": "VHN-142531" }, { "db": "VULMON", "id": "CVE-2019-10935" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-10935", "trust": 2.9 }, { "db": "SIEMENS", "id": "SSA-121293", "trust": 2.4 }, { "db": "ICS CERT", "id": "ICSA-19-192-02", "trust": 1.7 }, { "db": "BID", "id": "109127", "trust": 1.1 }, { "db": "CNVD", "id": "CNVD-2019-22244", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-006590", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201907-609", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2019.2574", "trust": 0.6 }, { "db": "IVD", "id": "69364700-0A59-4C18-A969-E06B68873D4F", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-142531", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2019-10935", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "69364700-0a59-4c18-a969-e06b68873d4f" }, { "db": "CNVD", "id": "CNVD-2019-22244" }, { "db": "VULHUB", "id": "VHN-142531" }, { "db": "VULMON", "id": "CVE-2019-10935" }, { "db": "BID", "id": "109127" }, { "db": "JVNDB", "id": "JVNDB-2019-006590" }, { "db": "CNNVD", "id": "CNNVD-201907-609" }, { "db": "NVD", "id": "CVE-2019-10935" } ] }, "id": "VAR-201907-1455", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "69364700-0a59-4c18-a969-e06b68873d4f" }, { "db": "CNVD", "id": "CNVD-2019-22244" }, { "db": "VULHUB", "id": "VHN-142531" } ], "trust": 1.616291167 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "69364700-0a59-4c18-a969-e06b68873d4f" }, { "db": "CNVD", "id": "CNVD-2019-22244" } ] }, "last_update_date": "2024-11-23T21:59:49.073000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-121293", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf" }, { "title": "Patch for Multiple Siemens product code upload vulnerabilities", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/168509" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=9f83ea9c05726639cd4642c3972ec527" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-22244" }, { "db": "VULMON", "id": "CVE-2019-10935" }, { "db": "JVNDB", "id": "JVNDB-2019-006590" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-434", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-142531" }, { "db": "JVNDB", "id": "JVNDB-2019-006590" }, { "db": "NVD", "id": "CVE-2019-10935" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf" }, { "trust": 1.7, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-192-02" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10935" }, { "trust": 1.3, "url": "https://www.securityfocus.com/bid/109127" }, { "trust": 0.9, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.9, "url": "https://new.siemens.com/global/en/products/services/cert.html#securitypublications" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10935" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.2574/" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-pcs7-wincc-file-upload-via-datamonitor-29733" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/434.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/163660" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-22244" }, { "db": "VULHUB", "id": "VHN-142531" }, { "db": "VULMON", "id": "CVE-2019-10935" }, { "db": "BID", "id": "109127" }, { "db": "JVNDB", "id": "JVNDB-2019-006590" }, { "db": "CNNVD", "id": "CNNVD-201907-609" }, { "db": "NVD", "id": "CVE-2019-10935" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "69364700-0a59-4c18-a969-e06b68873d4f" }, { "db": "CNVD", "id": "CNVD-2019-22244" }, { "db": "VULHUB", "id": "VHN-142531" }, { "db": "VULMON", "id": "CVE-2019-10935" }, { "db": "BID", "id": "109127" }, { "db": "JVNDB", "id": "JVNDB-2019-006590" }, { "db": "CNNVD", "id": "CNNVD-201907-609" }, { "db": "NVD", "id": "CVE-2019-10935" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-07-12T00:00:00", "db": "IVD", "id": "69364700-0a59-4c18-a969-e06b68873d4f" }, { "date": "2019-07-12T00:00:00", "db": "CNVD", "id": "CNVD-2019-22244" }, { "date": "2019-07-11T00:00:00", "db": "VULHUB", "id": "VHN-142531" }, { "date": "2019-07-11T00:00:00", "db": "VULMON", "id": "CVE-2019-10935" }, { "date": "2019-07-09T00:00:00", "db": "BID", "id": "109127" }, { "date": "2019-07-24T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-006590" }, { "date": "2019-07-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201907-609" }, { "date": "2019-07-11T22:15:11.797000", "db": "NVD", "id": "CVE-2019-10935" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-10-15T00:00:00", "db": "CNVD", "id": "CNVD-2019-22244" }, { "date": "2019-10-10T00:00:00", "db": "VULHUB", "id": "VHN-142531" }, { "date": "2019-10-10T00:00:00", "db": "VULMON", "id": "CVE-2019-10935" }, { "date": "2019-07-09T00:00:00", "db": "BID", "id": "109127" }, { "date": "2019-07-24T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-006590" }, { "date": "2019-10-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201907-609" }, { "date": "2024-11-21T04:20:11.120000", "db": "NVD", "id": "CVE-2019-10935" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201907-609" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural SIMATIC Product unrestricted upload vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-006590" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-201907-609" } ], "trust": 0.6 } }
var-201503-0016
Vulnerability from variot
Untrusted search path vulnerability in Siemens SIMATIC ProSave before 13 SP1; SIMATIC CFC before 8.0 SP4 Upd9 and 8.1 before Upd1; SIMATIC STEP 7 before 5.5 SP1 HF2, 5.5 SP2 before HF7, 5.5 SP3, and 5.5 SP4 before HF4; SIMOTION Scout before 4.4; and STARTER before 4.4 HF3 allows local users to gain privileges via a Trojan horse application file. Supplementary information : CWE Vulnerability type by CWE-426: Untrusted Search Path ( Unreliable search path ) Has been identified. http://cwe.mitre.org/data/definitions/426.htmlA local user may be able to obtain permissions through the Trojan application file. Siemens SIMATIC ProSave, etc. are all products of Germany's Siemens (Siemens). Siemens SIMATIC ProSave is a product used in SIMATIC HMI panel for backup recovery and firmware update; SIMATIC CFC is a graphic editor, which is an optional core component of PCS 7 engineering system and STEP 7; SIMATIC STEP 7 is a The set provides PLC programming, design option package and other functions and is used for SIMATIC controller software
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201503-0016", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic cfc", "scope": "eq", "trust": 2.2, "vendor": "siemens", "version": "8.1" }, { "model": "simatic prosave", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "13.0" }, { "model": "simatic step 7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "5.5" }, { "model": null, "scope": "eq", "trust": 1.2, "vendor": "simatic step 7", "version": "5.5" }, { "model": "starter", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "simatic step 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "5.5" }, { "model": "simotion scout", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "4.3" }, { "model": "simatic cfc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic step 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "5.5 sp1 hf2" }, { "model": "simatic cfc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "8.1" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "v8.1 (simatic step 7 sp4 hf4 cfc v8.1 upd1" }, { "model": "simatic pcs 7", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": ")" }, { "model": "simatic step 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "5.5 sp3" }, { "model": "simatic step 7", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "5.5 sp4" }, { "model": "simatic cfc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "v8.0 sp4 upd 9" }, { "model": "simatic step 7", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "5.5 sp2" }, { "model": "simatic step 7", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "5.5 sp1" }, { "model": "simatic step 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "5.5 sp2 hf7" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "v8.0 sp2 and earlier" }, { "model": "simatic cfc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.1 upd1" }, { "model": "simatic cfc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "8.0 sp4" }, { "model": "simatic step 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "5.5 sp4 hf4" }, { "model": "simatic prosave sp1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "13" }, { "model": "simatic cfc sp4 upd9", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "8.0" }, { "model": "starter", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "4.4" }, { "model": "simotion scout", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "4.3" }, { "model": "simatic cfc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "starter", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic prosave", "version": "13.0" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simotion scout", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic cfc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic cfc", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic step 7", "version": "*" } ], "sources": [ { "db": "IVD", "id": "9e6aca98-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "4b925098-f6b1-42ef-a1d0-6f7cdce19847" }, { "db": "CNVD", "id": "CNVD-2015-01603" }, { "db": "JVNDB", "id": "JVNDB-2015-001703" }, { "db": "CNNVD", "id": "CNNVD-201503-128" }, { "db": "NVD", "id": "CVE-2015-1594" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_cfc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_prosave", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_step_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simotion_scout", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:starter", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2015-001703" } ] }, "cve": "CVE-2015-1594", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "CVE-2015-1594", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "CNVD-2015-01603", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "9e6aca98-2351-11e6-abef-000c29c66e3d", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "4b925098-f6b1-42ef-a1d0-6f7cdce19847", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "VHN-79555", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2015-1594", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2015-1594", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2015-01603", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201503-128", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "9e6aca98-2351-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "IVD", "id": "4b925098-f6b1-42ef-a1d0-6f7cdce19847", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-79555", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "9e6aca98-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "4b925098-f6b1-42ef-a1d0-6f7cdce19847" }, { "db": "CNVD", "id": "CNVD-2015-01603" }, { "db": "VULHUB", "id": "VHN-79555" }, { "db": "JVNDB", "id": "JVNDB-2015-001703" }, { "db": "CNNVD", "id": "CNNVD-201503-128" }, { "db": "NVD", "id": "CVE-2015-1594" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Untrusted search path vulnerability in Siemens SIMATIC ProSave before 13 SP1; SIMATIC CFC before 8.0 SP4 Upd9 and 8.1 before Upd1; SIMATIC STEP 7 before 5.5 SP1 HF2, 5.5 SP2 before HF7, 5.5 SP3, and 5.5 SP4 before HF4; SIMOTION Scout before 4.4; and STARTER before 4.4 HF3 allows local users to gain privileges via a Trojan horse application file. Supplementary information : CWE Vulnerability type by CWE-426: Untrusted Search Path ( Unreliable search path ) Has been identified. http://cwe.mitre.org/data/definitions/426.htmlA local user may be able to obtain permissions through the Trojan application file. Siemens SIMATIC ProSave, etc. are all products of Germany\u0027s Siemens (Siemens). Siemens SIMATIC ProSave is a product used in SIMATIC HMI panel for backup recovery and firmware update; SIMATIC CFC is a graphic editor, which is an optional core component of PCS 7 engineering system and STEP 7; SIMATIC STEP 7 is a The set provides PLC programming, design option package and other functions and is used for SIMATIC controller software", "sources": [ { "db": "NVD", "id": "CVE-2015-1594" }, { "db": "JVNDB", "id": "JVNDB-2015-001703" }, { "db": "CNVD", "id": "CNVD-2015-01603" }, { "db": "IVD", "id": "9e6aca98-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "4b925098-f6b1-42ef-a1d0-6f7cdce19847" }, { "db": "VULHUB", "id": "VHN-79555" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2015-1594", "trust": 3.5 }, { "db": "SIEMENS", "id": "SSA-451236", "trust": 2.3 }, { "db": "CNNVD", "id": "CNNVD-201503-128", "trust": 1.1 }, { "db": "SECTRACK", "id": "1032039", "trust": 1.1 }, { "db": "CNVD", "id": "CNVD-2015-01603", "trust": 1.0 }, { "db": "JVNDB", "id": "JVNDB-2015-001703", "trust": 0.8 }, { "db": "IVD", "id": "9E6ACA98-2351-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "IVD", "id": "4B925098-F6B1-42EF-A1D0-6F7CDCE19847", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-79555", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "9e6aca98-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "4b925098-f6b1-42ef-a1d0-6f7cdce19847" }, { "db": "CNVD", "id": "CNVD-2015-01603" }, { "db": "VULHUB", "id": "VHN-79555" }, { "db": "JVNDB", "id": "JVNDB-2015-001703" }, { "db": "CNNVD", "id": "CNNVD-201503-128" }, { "db": "NVD", "id": "CVE-2015-1594" } ] }, "id": "VAR-201503-0016", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "9e6aca98-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "4b925098-f6b1-42ef-a1d0-6f7cdce19847" }, { "db": "CNVD", "id": "CNVD-2015-01603" }, { "db": "VULHUB", "id": "VHN-79555" } ], "trust": 1.9133129750000002 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 1.0 } ], "sources": [ { "db": "IVD", "id": "9e6aca98-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "4b925098-f6b1-42ef-a1d0-6f7cdce19847" }, { "db": "CNVD", "id": "CNVD-2015-01603" } ] }, "last_update_date": "2024-11-23T23:05:43.478000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-451236", "trust": 0.8, "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-451236.pdf" }, { "title": "There are patches for search path vulnerabilities in many Siemens products.", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/56192" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2015-01603" }, { "db": "JVNDB", "id": "JVNDB-2015-001703" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 }, { "problemtype": "CWE-Other", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2015-001703" }, { "db": "NVD", "id": "CVE-2015-1594" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-451236.pdf" }, { "trust": 1.4, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1594" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1032039" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1594" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2015-01603" }, { "db": "VULHUB", "id": "VHN-79555" }, { "db": "JVNDB", "id": "JVNDB-2015-001703" }, { "db": "CNNVD", "id": "CNNVD-201503-128" }, { "db": "NVD", "id": "CVE-2015-1594" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "9e6aca98-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "4b925098-f6b1-42ef-a1d0-6f7cdce19847" }, { "db": "CNVD", "id": "CNVD-2015-01603" }, { "db": "VULHUB", "id": "VHN-79555" }, { "db": "JVNDB", "id": "JVNDB-2015-001703" }, { "db": "CNNVD", "id": "CNNVD-201503-128" }, { "db": "NVD", "id": "CVE-2015-1594" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2015-03-13T00:00:00", "db": "IVD", "id": "9e6aca98-2351-11e6-abef-000c29c66e3d" }, { "date": "2015-03-13T00:00:00", "db": "IVD", "id": "4b925098-f6b1-42ef-a1d0-6f7cdce19847" }, { "date": "2015-03-13T00:00:00", "db": "CNVD", "id": "CNVD-2015-01603" }, { "date": "2015-03-07T00:00:00", "db": "VULHUB", "id": "VHN-79555" }, { "date": "2015-03-11T00:00:00", "db": "JVNDB", "id": "JVNDB-2015-001703" }, { "date": "2015-03-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201503-128" }, { "date": "2015-03-07T02:59:03.803000", "db": "NVD", "id": "CVE-2015-1594" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2015-03-13T00:00:00", "db": "CNVD", "id": "CNVD-2015-01603" }, { "date": "2016-08-24T00:00:00", "db": "VULHUB", "id": "VHN-79555" }, { "date": "2015-03-11T00:00:00", "db": "JVNDB", "id": "JVNDB-2015-001703" }, { "date": "2015-03-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201503-128" }, { "date": "2024-11-21T02:25:44.200000", "db": "NVD", "id": "CVE-2015-1594" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201503-128" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Siemens Vulnerability gained in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2015-001703" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Path traversal", "sources": [ { "db": "IVD", "id": "9e6aca98-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "4b925098-f6b1-42ef-a1d0-6f7cdce19847" } ], "trust": 0.4 } }
var-201411-0460
Vulnerability from variot
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC WinCC, SIMATIC PCS 7 and TIA Portal (Botu) are all industrial automation products of German Siemens (Siemens). SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC; TIA Portal is a software platform that can quickly develop and debug automation systems. WinCC server is an option for it, which can operate multiple operating systems and monitoring stations in the network connected to the automation system. There are security vulnerabilities in the WinCC server of several Siemens products
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201411-0460", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": null, "scope": "eq", "trust": 3.2, "vendor": "simatic wincc", "version": "7.2" }, { "model": null, "scope": "eq", "trust": 1.6, "vendor": "simatic wincc", "version": "7.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.1" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.2" }, { "model": null, "scope": "eq", "trust": 1.2, "vendor": "simatic tiaportal", "version": "13.0" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic tiaportal", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "13.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.3" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic pcs7", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic pcs7", "version": "8.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.3 update 2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.2 update 9" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.1 to 7.1 sp4" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.0 to 8.0 sp2" }, { "model": "totally integrated automation portal", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.0 to 7.0 sp3" }, { "model": "totally integrated automation portal", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "13 update 6" }, { "model": "wincc 7.0-sp3", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "wincc (\u003cupdate", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.29)" }, { "model": "wincc (\u003cupdate", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.32)" }, { "model": "simatic pcs 7.1-sp4", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7" }, { "model": "simatic pcs 8.0-sp2", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "78.1" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic pcs7", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic pcs 7", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic wincc", "version": "7.3" } ], "sources": [ { "db": "IVD", "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f" }, { "db": "CNVD", "id": "CNVD-2014-08594" }, { "db": "JVNDB", "id": "JVNDB-2014-005645" }, { "db": "CNNVD", "id": "CNNVD-201411-501" }, { "db": "NVD", "id": "CVE-2014-8552" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_tiaportal", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-005645" } ] }, "cve": "CVE-2014-8552", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2014-8552", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 7.8, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "CNVD-2014-08594", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 7.8, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 7.8, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-76497", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2014-8552", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2014-8552", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2014-08594", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201411-501", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "IVD", "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-76497", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f" }, { "db": "CNVD", "id": "CNVD-2014-08594" }, { "db": "VULHUB", "id": "VHN-76497" }, { "db": "JVNDB", "id": "JVNDB-2014-005645" }, { "db": "CNNVD", "id": "CNNVD-201411-501" }, { "db": "NVD", "id": "CVE-2014-8552" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC WinCC, SIMATIC PCS 7 and TIA Portal (Botu) are all industrial automation products of German Siemens (Siemens). SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC; TIA Portal is a software platform that can quickly develop and debug automation systems. WinCC server is an option for it, which can operate multiple operating systems and monitoring stations in the network connected to the automation system. There are security vulnerabilities in the WinCC server of several Siemens products", "sources": [ { "db": "NVD", "id": "CVE-2014-8552" }, { "db": "JVNDB", "id": "JVNDB-2014-005645" }, { "db": "CNVD", "id": "CNVD-2014-08594" }, { "db": "IVD", "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f" }, { "db": "VULHUB", "id": "VHN-76497" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-8552", "trust": 3.5 }, { "db": "SIEMENS", "id": "SSA-134508", "trust": 2.3 }, { "db": "CNNVD", "id": "CNNVD-201411-501", "trust": 1.1 }, { "db": "CNVD", "id": "CNVD-2014-08594", "trust": 1.0 }, { "db": "ICS CERT", "id": "ICSA-14-329-02", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2014-005645", "trust": 0.8 }, { "db": "SECUNIA", "id": "60068", "trust": 0.6 }, { "db": "IVD", "id": "B4BC03B6-2351-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "IVD", "id": "633E044B-7ADF-4ADF-9CA1-7D68E531ED2F", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-76497", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f" }, { "db": "CNVD", "id": "CNVD-2014-08594" }, { "db": "VULHUB", "id": "VHN-76497" }, { "db": "JVNDB", "id": "JVNDB-2014-005645" }, { "db": "CNNVD", "id": "CNNVD-201411-501" }, { "db": "NVD", "id": "CVE-2014-8552" } ] }, "id": "VAR-201411-0460", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f" }, { "db": "CNVD", "id": "CNVD-2014-08594" }, { "db": "VULHUB", "id": "VHN-76497" } ], "trust": 1.7048571666666668 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 1.0 } ], "sources": [ { "db": "IVD", "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f" }, { "db": "CNVD", "id": "CNVD-2014-08594" } ] }, "last_update_date": "2024-11-23T22:01:56.377000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-134508", "trust": 0.8, "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf" }, { "title": "Patch for Siemens SIMATIC WinCC/PCS 7 directory traversal vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/52283" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08594" }, { "db": "JVNDB", "id": "JVNDB-2014-005645" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-200", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-76497" }, { "db": "JVNDB", "id": "JVNDB-2014-005645" }, { "db": "NVD", "id": "CVE-2014-8552" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf" }, { "trust": 1.4, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8552" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8552" }, { "trust": 0.8, "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-329-02" }, { "trust": 0.6, "url": "http://secunia.com/advisories/60068" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08594" }, { "db": "VULHUB", "id": "VHN-76497" }, { "db": "JVNDB", "id": "JVNDB-2014-005645" }, { "db": "CNNVD", "id": "CNNVD-201411-501" }, { "db": "NVD", "id": "CVE-2014-8552" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f" }, { "db": "CNVD", "id": "CNVD-2014-08594" }, { "db": "VULHUB", "id": "VHN-76497" }, { "db": "JVNDB", "id": "JVNDB-2014-005645" }, { "db": "CNNVD", "id": "CNNVD-201411-501" }, { "db": "NVD", "id": "CVE-2014-8552" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-12-01T00:00:00", "db": "IVD", "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d" }, { "date": "2014-12-01T00:00:00", "db": "IVD", "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f" }, { "date": "2014-12-01T00:00:00", "db": "CNVD", "id": "CNVD-2014-08594" }, { "date": "2014-11-26T00:00:00", "db": "VULHUB", "id": "VHN-76497" }, { "date": "2014-11-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-005645" }, { "date": "2014-11-27T00:00:00", "db": "CNNVD", "id": "CNNVD-201411-501" }, { "date": "2014-11-26T11:59:01.373000", "db": "NVD", "id": "CVE-2014-8552" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-12-01T00:00:00", "db": "CNVD", "id": "CNVD-2014-08594" }, { "date": "2014-11-26T00:00:00", "db": "VULHUB", "id": "VHN-76497" }, { "date": "2014-11-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-005645" }, { "date": "2014-11-27T00:00:00", "db": "CNNVD", "id": "CNNVD-201411-501" }, { "date": "2024-11-21T02:19:19.387000", "db": "NVD", "id": "CVE-2014-8552" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201411-501" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC WinCC/PCS 7 Directory Traversal Vulnerability", "sources": [ { "db": "IVD", "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f" }, { "db": "CNVD", "id": "CNVD-2014-08594" } ], "trust": 1.0 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "information disclosure", "sources": [ { "db": "CNNVD", "id": "CNNVD-201411-501" } ], "trust": 0.6 } }
var-201804-1651
Vulnerability from variot
A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions < V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions < V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions < V8.2 Upd10), SIMATIC BATCH V9.0 (All versions < V9.0 SP1), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions < 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions < WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions < WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. plural Siemens SIMATIC The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. SIMATIC WinCC, SIMATIC PCS 7, SIMATIC BATCH, etc. are all industrial automation products from Siemens AG. Siemens OpenPCS, etc. Siemens OpenPCS is a process control system. SIMATIC BATCH is a set of software packages for batch automation. Input validation vulnerabilities exist in several Siemens products
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201804-1651", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic batch", "scope": "eq", "trust": 2.4, "vendor": "siemens", "version": "8.0" }, { "model": "simatic batch", "scope": "eq", "trust": 2.4, "vendor": "siemens", "version": "8.1" }, { "model": "simatic batch", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "8.2" }, { "model": "simatic batch", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "9.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "8.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "8.1" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "8.2" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "9.0" }, { "model": "simatic route control", "scope": "lte", "trust": 1.8, "vendor": "siemens", "version": "7.1" }, { "model": "simatic route control", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "8.0" }, { "model": "simatic route control", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "8.1" }, { "model": "simatic route control", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "9.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "7.4" }, { "model": "openpcs 7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "8.1" }, { "model": "openpcs 7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "9.0" }, { "model": "openpcs 7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "8.2" }, { "model": "simatic batch", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.1" }, { "model": "openpcs 7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "8.0" }, { "model": "simatic wincc runtime professional", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "13" }, { "model": "openpcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": "simatic net pc software", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14" }, { "model": "sppa-t3000 application server", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "r8.2" }, { "model": "simatic net pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": "sppa-t3000 application server", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "r8.2" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic net pc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic batch", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "7.1" }, { "model": "simatic net pc software", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic openpcs 7", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "7.1" }, { "model": "simatic openpcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.0" }, { "model": "simatic openpcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.1" }, { "model": "simatic openpcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.2" }, { "model": "simatic openpcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "9.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.1" }, { "model": "simatic route control", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.2" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic batch", "version": "8.1" }, { "model": "simatic net pc-software", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.2" }, { "model": "openpcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c=v7.1" }, { "model": "openpcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.0" }, { "model": "openpcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.1" }, { "model": "openpcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.2" }, { "model": "openpcs upd1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003cv9.0" }, { "model": "simatic batch", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v7.1" }, { "model": "simatic batch", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.0" }, { "model": "simatic batch", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.1" }, { "model": "simatic batch", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.2" }, { "model": "simatic batch upd1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v9.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c=v7.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.1" }, { "model": "simatic pcs upd1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003cv9.0" }, { "model": "simatic route control", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v7.1" }, { "model": "simatic route control", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.0" }, { "model": "simatic route control", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.1" }, { "model": "simatic route control", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.2" }, { "model": "simatic route control upd1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v9.0" }, { "model": "simatic wincc runtime professional sp1 upd5", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v14" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=7.2" }, { "model": "simatic wincc upd16", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc sp1 upd4", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "openpcs 7", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic batch", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic wincc", "version": "7.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "openpcs 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "openpcs 7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "openpcs 7", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "openpcs 7", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "openpcs 7", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic batch", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic batch", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic batch", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic net pc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic route control", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic route control", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic route control", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic route control", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime professional", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime professional", "version": "14" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.3" } ], "sources": [ { "db": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-07037" }, { "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "db": "CNNVD", "id": "CNNVD-201804-407" }, { "db": "NVD", "id": "CVE-2018-4832" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_batch", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_openpcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_route_control", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-004994" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Gleb Gritsai", "sources": [ { "db": "CNNVD", "id": "CNNVD-201804-407" } ], "trust": 0.6 }, "cve": "CVE-2018-4832", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CVE-2018-4832", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.0, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.0, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2018-4832", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2018-07037", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "VHN-134863", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2018-4832", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2018-4832", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2018-4832", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2018-4832", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2018-07037", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201804-407", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-134863", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-07037" }, { "db": "VULHUB", "id": "VHN-134863" }, { "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "db": "CNNVD", "id": "CNNVD-201804-407" }, { "db": "NVD", "id": "CVE-2018-4832" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions \u003c V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions \u003c V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions \u003c V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions \u003c V8.2 Upd10), SIMATIC BATCH V9.0 (All versions \u003c V9.0 SP1), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions \u003c 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions \u003c V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions \u003c WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions \u003c WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions \u003c Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. plural Siemens SIMATIC The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. SIMATIC WinCC, SIMATIC PCS 7, SIMATIC BATCH, etc. are all industrial automation products from Siemens AG. Siemens OpenPCS, etc. Siemens OpenPCS is a process control system. SIMATIC BATCH is a set of software packages for batch automation. Input validation vulnerabilities exist in several Siemens products", "sources": [ { "db": "NVD", "id": "CVE-2018-4832" }, { "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "db": "CNVD", "id": "CNVD-2018-07037" }, { "db": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1" }, { "db": "VULHUB", "id": "VHN-134863" } ], "trust": 2.43 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-4832", "trust": 3.4 }, { "db": "SIEMENS", "id": "SSA-348629", "trust": 2.3 }, { "db": "PACKETSTORM", "id": "155665", "trust": 1.8 }, { "db": "SIEMENS", "id": "SSA-451445", "trust": 1.7 }, { "db": "ICS CERT", "id": "ICSA-18-088-03", "trust": 1.4 }, { "db": "ICS CERT", "id": "ICSA-19-351-02", "trust": 1.4 }, { "db": "CNVD", "id": "CNVD-2018-07037", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201804-407", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2018-004994", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2019.4705", "trust": 0.6 }, { "db": "IVD", "id": "E2EA2F61-39AB-11E9-9643-000C29342CB1", "trust": 0.2 }, { "db": "SEEBUG", "id": "SSVID-98989", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-134863", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-07037" }, { "db": "VULHUB", "id": "VHN-134863" }, { "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "db": "PACKETSTORM", "id": "155665" }, { "db": "CNNVD", "id": "CNNVD-201804-407" }, { "db": "NVD", "id": "CVE-2018-4832" } ] }, "id": "VAR-201804-1651", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-07037" }, { "db": "VULHUB", "id": "VHN-134863" } ], "trust": 1.6839108491666668 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-07037" } ] }, "last_update_date": "2024-11-23T21:36:20.736000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-348629", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf" }, { "title": "Patch for Siemens SIMATIC Multiple Product Denial of Service Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/176379" }, { "title": "Multiple Siemens Fixes for product input validation vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=83209" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-07037" }, { "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "db": "CNNVD", "id": "CNNVD-201804-407" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-134863" }, { "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "db": "NVD", "id": "CVE-2018-4832" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf" }, { "trust": 2.3, "url": "http://packetstormsecurity.com/files/155665/siemens-security-advisory-sppa-t3000-code-execution.html" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf" }, { "trust": 1.4, "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-088-03" }, { "trust": 1.4, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-351-02" }, { "trust": 0.9, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4832" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4832" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.4705/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18303" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18292" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18306" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18297" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18283" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18301" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18287" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18294" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18288" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18307" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18296" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18299" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18291" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18295" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18300" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18284" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18290" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18305" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18302" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18286" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18293" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18285" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18289" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18298" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18304" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-07037" }, { "db": "VULHUB", "id": "VHN-134863" }, { "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "db": "PACKETSTORM", "id": "155665" }, { "db": "CNNVD", "id": "CNNVD-201804-407" }, { "db": "NVD", "id": "CVE-2018-4832" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-07037" }, { "db": "VULHUB", "id": "VHN-134863" }, { "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "db": "PACKETSTORM", "id": "155665" }, { "db": "CNNVD", "id": "CNNVD-201804-407" }, { "db": "NVD", "id": "CVE-2018-4832" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-04-04T00:00:00", "db": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1" }, { "date": "2018-04-04T00:00:00", "db": "CNVD", "id": "CNVD-2018-07037" }, { "date": "2018-04-24T00:00:00", "db": "VULHUB", "id": "VHN-134863" }, { "date": "2018-07-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "date": "2019-12-13T15:10:44", "db": "PACKETSTORM", "id": "155665" }, { "date": "2018-04-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201804-407" }, { "date": "2018-04-24T17:29:00.227000", "db": "NVD", "id": "CVE-2018-4832" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-22T00:00:00", "db": "CNVD", "id": "CNVD-2018-07037" }, { "date": "2020-03-10T00:00:00", "db": "VULHUB", "id": "VHN-134863" }, { "date": "2019-12-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "date": "2022-10-08T00:00:00", "db": "CNNVD", "id": "CNNVD-201804-407" }, { "date": "2024-11-21T04:07:32.557000", "db": "NVD", "id": "CVE-2018-4832" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201804-407" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Siemens SIMATIC Vulnerability related to input validation in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-004994" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation error", "sources": [ { "db": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1" }, { "db": "CNNVD", "id": "CNNVD-201804-407" } ], "trust": 0.8 } }
var-201407-0606
Vulnerability from variot
The Project administration application in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, has a hardcoded encryption key, which allows remote attackers to obtain sensitive information by extracting this key from another product installation and then employing this key during the sniffing of network traffic on TCP port 1030. Supplementary information : CWE Vulnerability type by CWE-798: Use of Hard-coded Credentials ( Using hard-coded credentials ) Has been identified. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A privilege elevation vulnerability exists in Siemens SIMATIC WinCC and PCS7 that allows an attacker to exploit the vulnerability to gain administrative access on the affected device. Siemens SIMATIC WinCC and PCS7 are prone to a privilege-escalation vulnerability. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201407-0606", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": null, "scope": "eq", "trust": 2.4, "vendor": "wincc", "version": "6.0" }, { "model": null, "scope": "eq", "trust": 2.4, "vendor": "wincc", "version": "7.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "6.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "5.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.4, "vendor": "siemens", "version": "7.3" }, { "model": null, "scope": "eq", "trust": 1.2, "vendor": "wincc", "version": "5.0" }, { "model": null, "scope": "eq", "trust": 1.2, "vendor": "wincc", "version": "7.1" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic pcs7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": "simatic pcs 7", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic pcs7", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic pcs7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic pcs7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "wincc", "version": "*" }, { "model": "pcs7", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "8.1" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "6.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" } ], "sources": [ { "db": "IVD", "id": "ea209009-7fdb-4811-b130-403cdc16f255" }, { "db": "IVD", "id": "7d720861-463f-11e9-a37c-000c29342cb1" }, { "db": "IVD", "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2014-04643" }, { "db": "BID", "id": "68875" }, { "db": "JVNDB", "id": "JVNDB-2014-003569" }, { "db": "CNNVD", "id": "CNNVD-201407-606" }, { "db": "NVD", "id": "CVE-2014-4686" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-003569" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai from Positive Technologies.", "sources": [ { "db": "BID", "id": "68875" } ], "trust": 0.3 }, "cve": "CVE-2014-4686", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2014-4686", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CNVD-2014-04643", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "ea209009-7fdb-4811-b130-403cdc16f255", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "7d720861-463f-11e9-a37c-000c29342cb1", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-72627", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2014-4686", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2014-4686", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2014-04643", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201407-606", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "ea209009-7fdb-4811-b130-403cdc16f255", "trust": 0.2, "value": "MEDIUM" }, { "author": "IVD", "id": "7d720861-463f-11e9-a37c-000c29342cb1", "trust": 0.2, "value": "MEDIUM" }, { "author": "IVD", "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-72627", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "ea209009-7fdb-4811-b130-403cdc16f255" }, { "db": "IVD", "id": "7d720861-463f-11e9-a37c-000c29342cb1" }, { "db": "IVD", "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2014-04643" }, { "db": "VULHUB", "id": "VHN-72627" }, { "db": "JVNDB", "id": "JVNDB-2014-003569" }, { "db": "CNNVD", "id": "CNNVD-201407-606" }, { "db": "NVD", "id": "CVE-2014-4686" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The Project administration application in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, has a hardcoded encryption key, which allows remote attackers to obtain sensitive information by extracting this key from another product installation and then employing this key during the sniffing of network traffic on TCP port 1030. Supplementary information : CWE Vulnerability type by CWE-798: Use of Hard-coded Credentials ( Using hard-coded credentials ) Has been identified. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A privilege elevation vulnerability exists in Siemens SIMATIC WinCC and PCS7 that allows an attacker to exploit the vulnerability to gain administrative access on the affected device. Siemens SIMATIC WinCC and PCS7 are prone to a privilege-escalation vulnerability. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions", "sources": [ { "db": "NVD", "id": "CVE-2014-4686" }, { "db": "JVNDB", "id": "JVNDB-2014-003569" }, { "db": "CNVD", "id": "CNVD-2014-04643" }, { "db": "BID", "id": "68875" }, { "db": "IVD", "id": "ea209009-7fdb-4811-b130-403cdc16f255" }, { "db": "IVD", "id": "7d720861-463f-11e9-a37c-000c29342cb1" }, { "db": "IVD", "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-72627" } ], "trust": 3.06 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-4686", "trust": 4.2 }, { "db": "SIEMENS", "id": "SSA-214365", "trust": 2.3 }, { "db": "CNNVD", "id": "CNNVD-201407-606", "trust": 1.3 }, { "db": "CNVD", "id": "CNVD-2014-04643", "trust": 1.2 }, { "db": "BID", "id": "68875", "trust": 1.0 }, { "db": "ICS CERT", "id": "ICSA-14-205-02", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2014-003569", "trust": 0.8 }, { "db": "SECUNIA", "id": "60392", "trust": 0.6 }, { "db": "SECUNIA", "id": "60388", "trust": 0.6 }, { "db": "IVD", "id": "EA209009-7FDB-4811-B130-403CDC16F255", "trust": 0.2 }, { "db": "IVD", "id": "7D720861-463F-11E9-A37C-000C29342CB1", "trust": 0.2 }, { "db": "IVD", "id": "E2CE69A6-2351-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "130406", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-72627", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "127660", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "ea209009-7fdb-4811-b130-403cdc16f255" }, { "db": "IVD", "id": "7d720861-463f-11e9-a37c-000c29342cb1" }, { "db": "IVD", "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2014-04643" }, { "db": "VULHUB", "id": "VHN-72627" }, { "db": "BID", "id": "68875" }, { "db": "JVNDB", "id": "JVNDB-2014-003569" }, { "db": "PACKETSTORM", "id": "130406" }, { "db": "PACKETSTORM", "id": "127660" }, { "db": "CNNVD", "id": "CNNVD-201407-606" }, { "db": "NVD", "id": "CVE-2014-4686" } ] }, "id": "VAR-201407-0606", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "ea209009-7fdb-4811-b130-403cdc16f255" }, { "db": "IVD", "id": "7d720861-463f-11e9-a37c-000c29342cb1" }, { "db": "IVD", "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2014-04643" }, { "db": "VULHUB", "id": "VHN-72627" } ], "trust": 1.9749411600000002 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 1.2 } ], "sources": [ { "db": "IVD", "id": "ea209009-7fdb-4811-b130-403cdc16f255" }, { "db": "IVD", "id": "7d720861-463f-11e9-a37c-000c29342cb1" }, { "db": "IVD", "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2014-04643" } ] }, "last_update_date": "2024-11-23T22:31:17.616000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-214365", "trust": 0.8, "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf" }, { "title": "Patch for Siemens SIMATIC WinCC and PCS7 Privilege Escalation Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/47905" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-04643" }, { "db": "JVNDB", "id": "JVNDB-2014-003569" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 }, { "problemtype": "CWE-Other", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-003569" }, { "db": "NVD", "id": "CVE-2014-4686" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf" }, { "trust": 1.4, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4686" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4686" }, { "trust": 0.8, "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-205-02" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/68875" }, { "trust": 0.6, "url": "http://secunia.com/advisories/60388" }, { "trust": 0.6, "url": "http://secunia.com/advisories/60392" }, { "trust": 0.3, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4686" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1358" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4684" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4683" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4685" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4682" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-04643" }, { "db": "VULHUB", "id": "VHN-72627" }, { "db": "BID", "id": "68875" }, { "db": "JVNDB", "id": "JVNDB-2014-003569" }, { "db": "PACKETSTORM", "id": "130406" }, { "db": "PACKETSTORM", "id": "127660" }, { "db": "CNNVD", "id": "CNNVD-201407-606" }, { "db": "NVD", "id": "CVE-2014-4686" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "ea209009-7fdb-4811-b130-403cdc16f255" }, { "db": "IVD", "id": "7d720861-463f-11e9-a37c-000c29342cb1" }, { "db": "IVD", "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2014-04643" }, { "db": "VULHUB", "id": "VHN-72627" }, { "db": "BID", "id": "68875" }, { "db": "JVNDB", "id": "JVNDB-2014-003569" }, { "db": "PACKETSTORM", "id": "130406" }, { "db": "PACKETSTORM", "id": "127660" }, { "db": "CNNVD", "id": "CNNVD-201407-606" }, { "db": "NVD", "id": "CVE-2014-4686" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-07-28T00:00:00", "db": "IVD", "id": "ea209009-7fdb-4811-b130-403cdc16f255" }, { "date": "2014-07-28T00:00:00", "db": "IVD", "id": "7d720861-463f-11e9-a37c-000c29342cb1" }, { "date": "2014-07-28T00:00:00", "db": "IVD", "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d" }, { "date": "2014-07-28T00:00:00", "db": "CNVD", "id": "CNVD-2014-04643" }, { "date": "2014-07-24T00:00:00", "db": "VULHUB", "id": "VHN-72627" }, { "date": "2014-07-23T00:00:00", "db": "BID", "id": "68875" }, { "date": "2014-07-28T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-003569" }, { "date": "2015-02-16T17:36:59", "db": "PACKETSTORM", "id": "130406" }, { "date": "2014-07-29T22:37:22", "db": "PACKETSTORM", "id": "127660" }, { "date": "2014-07-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201407-606" }, { "date": "2014-07-24T14:55:08.190000", "db": "NVD", "id": "CVE-2014-4686" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-07-28T00:00:00", "db": "CNVD", "id": "CNVD-2014-04643" }, { "date": "2014-07-25T00:00:00", "db": "VULHUB", "id": "VHN-72627" }, { "date": "2015-03-19T09:08:00", "db": "BID", "id": "68875" }, { "date": "2014-08-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-003569" }, { "date": "2014-07-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201407-606" }, { "date": "2024-11-21T02:10:42.220000", "db": "NVD", "id": "CVE-2014-4686" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "130406" }, { "db": "CNNVD", "id": "CNNVD-201407-606" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC PCS 7 Used in products such as SIMATIC WinCC Vulnerabilities in which important information is obtained in project management applications", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-003569" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Encryption issues", "sources": [ { "db": "IVD", "id": "ea209009-7fdb-4811-b130-403cdc16f255" }, { "db": "IVD", "id": "7d720861-463f-11e9-a37c-000c29342cb1" }, { "db": "IVD", "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d" } ], "trust": 0.6 } }
var-201303-0261
Vulnerability from variot
Directory traversal vulnerability in the web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote authenticated users to read arbitrary files via vectors involving a query for a pathname. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0261", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "6.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "5.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.4, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "wincc", "version": "6.0" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "wincc", "version": "7.0" }, { "model": "simatic pcs 7", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "8.0 sp1" }, { "model": "simatic pcs sp1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c8.0" }, { "model": "wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "wincc", "version": "5.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "wincc", "version": "*" } ], "sources": [ { "db": "IVD", "id": "090c28be-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "JVNDB", "id": "JVNDB-2013-001991" }, { "db": "CNNVD", "id": "CNNVD-201303-447" }, { "db": "NVD", "id": "CVE-2013-0679" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-001991" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies", "sources": [ { "db": "BID", "id": "58545" }, { "db": "CNNVD", "id": "CNNVD-201303-363" } ], "trust": 0.9 }, "cve": "CVE-2013-0679", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "CVE-2013-0679", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2013-02175", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "090c28be-2353-11e6-abef-000c29c66e3d", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "VHN-60681", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2013-0679", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2013-0679", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2013-02175", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201303-447", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "090c28be-2353-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-60681", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "090c28be-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60681" }, { "db": "JVNDB", "id": "JVNDB-2013-001991" }, { "db": "CNNVD", "id": "CNNVD-201303-447" }, { "db": "NVD", "id": "CVE-2013-0679" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Directory traversal vulnerability in the web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote authenticated users to read arbitrary files via vectors involving a query for a pathname. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities\n2. A directory-traversal vulnerability\n3. Failed exploit attempts will result in a denial-of-service conditions", "sources": [ { "db": "NVD", "id": "CVE-2013-0679" }, { "db": "JVNDB", "id": "JVNDB-2013-001991" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "BID", "id": "58545" }, { "db": "IVD", "id": "090c28be-2353-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-60681" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2013-0679", "trust": 3.1 }, { "db": "ICS CERT", "id": "ICSA-13-079-02", "trust": 2.8 }, { "db": "SIEMENS", "id": "SSA-714398", "trust": 2.0 }, { "db": "BID", "id": "58545", "trust": 1.5 }, { "db": "CNNVD", "id": "CNNVD-201303-447", "trust": 0.9 }, { "db": "JVNDB", "id": "JVNDB-2013-001991", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2013-02175", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201303-363", "trust": 0.6 }, { "db": "IVD", "id": "090C28BE-2353-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-60681", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "120899", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "090c28be-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60681" }, { "db": "BID", "id": "58545" }, { "db": "JVNDB", "id": "JVNDB-2013-001991" }, { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-447" }, { "db": "NVD", "id": "CVE-2013-0679" } ] }, "id": "VAR-201303-0261", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "090c28be-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60681" } ], "trust": 1.5048571666666666 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "090c28be-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" } ] }, "last_update_date": "2024-11-23T21:45:48.701000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "http://www.siemens.com/entry/cc/en/" }, { "title": "SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1", "trust": 0.8, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc", "trust": 0.8, "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e", "trust": 0.8, "url": "http://www.siemens.com/answers/jp/ja/" }, { "title": "Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/33002" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "JVNDB", "id": "JVNDB-2013-001991" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-22", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-60681" }, { "db": "JVNDB", "id": "JVNDB-2013-001991" }, { "db": "NVD", "id": "CVE-2013-0679" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf" }, { "trust": 2.0, "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf" }, { "trust": 1.2, "url": "http://www.securityfocus.com/bid/58545" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0679" }, { "trust": 0.8, "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0679" }, { "trust": 0.3, "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0677" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0674" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0678" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0676" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0679" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0675" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60681" }, { "db": "BID", "id": "58545" }, { "db": "JVNDB", "id": "JVNDB-2013-001991" }, { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-447" }, { "db": "NVD", "id": "CVE-2013-0679" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "090c28be-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60681" }, { "db": "BID", "id": "58545" }, { "db": "JVNDB", "id": "JVNDB-2013-001991" }, { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-447" }, { "db": "NVD", "id": "CVE-2013-0679" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-03-22T00:00:00", "db": "IVD", "id": "090c28be-2353-11e6-abef-000c29c66e3d" }, { "date": "2013-03-26T00:00:00", "db": "CNVD", "id": "CNVD-2013-02175" }, { "date": "2013-03-21T00:00:00", "db": "VULHUB", "id": "VHN-60681" }, { "date": "2013-03-15T00:00:00", "db": "BID", "id": "58545" }, { "date": "2013-03-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-001991" }, { "date": "2013-03-21T15:07:17", "db": "PACKETSTORM", "id": "120899" }, { "date": "2013-03-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-363" }, { "date": "2013-03-22T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-447" }, { "date": "2013-03-21T15:55:01.613000", "db": "NVD", "id": "CVE-2013-0679" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-03-26T00:00:00", "db": "CNVD", "id": "CNVD-2013-02175" }, { "date": "2013-03-22T00:00:00", "db": "VULHUB", "id": "VHN-60681" }, { "date": "2013-04-02T15:37:00", "db": "BID", "id": "58545" }, { "date": "2013-03-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-001991" }, { "date": "2013-03-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-363" }, { "date": "2013-03-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-447" }, { "date": "2024-11-21T01:47:59.783000", "db": "NVD", "id": "CVE-2013-0679" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-447" } ], "trust": 1.3 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC WinCC And PCS 7 Multiple Security Vulnerabilities", "sources": [ { "db": "BID", "id": "58545" }, { "db": "CNNVD", "id": "CNNVD-201303-363" } ], "trust": 0.9 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Path traversal", "sources": [ { "db": "IVD", "id": "090c28be-2353-11e6-abef-000c29c66e3d" }, { "db": "CNNVD", "id": "CNNVD-201303-447" } ], "trust": 0.8 } }
var-201207-0136
Vulnerability from variot
Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC STEP 7 and PCS 7 are not secure to load library files. Attackers can build specially crafted project files, place them in remote WebDAV or SMB shares, entice users to parse, and execute arbitrary code in the application context. Multiple Siemens SIMATIC Products are prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location which contains a specially crafted Dynamic Link Library (DLL) file. Successful exploits will compromise the application in the context of the currently logged-in user. The following Siemens SIMATIC Products are vulnerable: Siemens SIMATIC PCS 7 versions 7.1 SP3 and prior Siemens SIMATIC STEP 7 versions prior to 5.5 SP1. There are vulnerabilities in Siemens SIMATIC STEP 7 and PCS 7 that can be exploited by malicious attackers to manipulate users' systems. ----------------------------------------------------------------------
We are millions! Join us to protect all Pc's Worldwide. Download the new Secunia PSI 3.0 available in 5 languages and share it with your friends: http://secunia.com/psi
TITLE: Siemens SIMATIC STEP 7 / PCS 7 Insecure Library Loading Vulnerability
SECUNIA ADVISORY ID: SA50039
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50039/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50039
RELEASE DATE: 2012-07-24
DISCUSS ADVISORY: http://secunia.com/advisories/50039/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50039/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50039
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Siemens SIMATIC STEP 7 and PCS 7, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to the application loading libraries in an insecure manner.
SOLUTION: Update to version 5.5 SP1 or apply Service Pack.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-110665.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201207-0136", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic step 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "5.5" }, { "model": "simatic pcs7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "7.1 sp3" }, { "model": "simatic step 7", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "5.5 sp1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "77.x" }, { "model": "simatic step", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "75.x" }, { "model": "simatic pcs7", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.1" }, { "model": "simatic step 7", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "5.5" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic step 7", "version": "*" } ], "sources": [ { "db": "IVD", "id": "94166e2e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-3897" }, { "db": "JVNDB", "id": "JVNDB-2012-003410" }, { "db": "CNNVD", "id": "CNNVD-201207-433" }, { "db": "NVD", "id": "CVE-2012-3015" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_step_7", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-003410" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Reported by the vendor", "sources": [ { "db": "BID", "id": "54651" } ], "trust": 0.3 }, "cve": "CVE-2012-3015", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "CVE-2012-3015", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "94166e2e-2353-11e6-abef-000c29c66e3d", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "VHN-56296", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2012-3015", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2012-3015", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-201207-433", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "94166e2e-2353-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-56296", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "94166e2e-2353-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-56296" }, { "db": "JVNDB", "id": "JVNDB-2012-003410" }, { "db": "CNNVD", "id": "CNNVD-201207-433" }, { "db": "NVD", "id": "CVE-2012-3015" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC STEP 7 and PCS 7 are not secure to load library files. Attackers can build specially crafted project files, place them in remote WebDAV or SMB shares, entice users to parse, and execute arbitrary code in the application context. Multiple Siemens SIMATIC Products are prone to a vulnerability that lets attackers execute arbitrary code. \nAn attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location which contains a specially crafted Dynamic Link Library (DLL) file. \nSuccessful exploits will compromise the application in the context of the currently logged-in user. \nThe following Siemens SIMATIC Products are vulnerable:\nSiemens SIMATIC PCS 7 versions 7.1 SP3 and prior\nSiemens SIMATIC STEP 7 versions prior to 5.5 SP1. There are vulnerabilities in Siemens SIMATIC STEP 7 and PCS 7 that can be exploited by malicious attackers to manipulate users\u0027 systems. ----------------------------------------------------------------------\n\nWe are millions! Join us to protect all Pc\u0027s Worldwide. \nDownload the new Secunia PSI 3.0 available in 5 languages and share it with your friends:\nhttp://secunia.com/psi\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC STEP 7 / PCS 7 Insecure Library Loading Vulnerability\n\nSECUNIA ADVISORY ID:\nSA50039\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50039/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50039\n\nRELEASE DATE:\n2012-07-24\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50039/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50039/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50039\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Siemens SIMATIC STEP 7 and PCS\n7, which can be exploited by malicious people to compromise a user\u0027s\nsystem. \n\nThe vulnerability is caused due to the application loading libraries\nin an insecure manner. \n\nSOLUTION:\nUpdate to version 5.5 SP1 or apply Service Pack. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-110665.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2012-3015" }, { "db": "JVNDB", "id": "JVNDB-2012-003410" }, { "db": "CNVD", "id": "CNVD-2012-3897" }, { "db": "BID", "id": "54651" }, { "db": "IVD", "id": "94166e2e-2353-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-56296" }, { "db": "PACKETSTORM", "id": "114982" } ], "trust": 2.79 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-56296", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-56296" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-3015", "trust": 3.6 }, { "db": "ICS CERT", "id": "ICSA-12-205-02", "trust": 2.5 }, { "db": "SIEMENS", "id": "SSA-110665", "trust": 1.8 }, { "db": "SECUNIA", "id": "50039", "trust": 1.4 }, { "db": "CNNVD", "id": "CNNVD-201207-433", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2012-3897", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2012-003410", "trust": 0.8 }, { "db": "BID", "id": "54651", "trust": 0.4 }, { "db": "IVD", "id": "94166E2E-2353-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-56296", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "114982", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "94166e2e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-3897" }, { "db": "VULHUB", "id": "VHN-56296" }, { "db": "BID", "id": "54651" }, { "db": "JVNDB", "id": "JVNDB-2012-003410" }, { "db": "PACKETSTORM", "id": "114982" }, { "db": "CNNVD", "id": "CNNVD-201207-433" }, { "db": "NVD", "id": "CVE-2012-3015" } ] }, "id": "VAR-201207-0136", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "94166e2e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-3897" }, { "db": "VULHUB", "id": "VHN-56296" } ], "trust": 1.66867142 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "94166e2e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-3897" } ] }, "last_update_date": "2024-11-23T22:31:32.450000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-110665: STEP7 Vulnerability in DLL Loading Mechanism", "trust": 0.8, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-110665.pdf" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc", "trust": 0.8, "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e", "trust": 0.8, "url": "http://www.siemens.com/entry/jp/ja/" }, { "title": "Siemens SIMATIC product DLL loads patches for arbitrary code execution vulnerabilities", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/19195" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-3897" }, { "db": "JVNDB", "id": "JVNDB-2012-003410" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 }, { "problemtype": "CWE-Other", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-003410" }, { "db": "NVD", "id": "CVE-2012-3015" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-205-02.pdf" }, { "trust": 1.8, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-110665.pdf" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3015" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3015" }, { "trust": 0.7, "url": "http://secunia.com/advisories/50039/" }, { "trust": 0.6, "url": "http://secunia.com/advisories/50039" }, { "trust": 0.3, "url": "http://blog.rapid7.com/?p=5325" }, { "trust": 0.3, "url": "http://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html" }, { "trust": 0.3, "url": "http://www.microsoft.com" }, { "trust": 0.3, "url": "http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx" }, { "trust": 0.3, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50039" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50039/#comments" }, { "trust": 0.1, "url": "http://secunia.com/psi" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-3897" }, { "db": "VULHUB", "id": "VHN-56296" }, { "db": "BID", "id": "54651" }, { "db": "JVNDB", "id": "JVNDB-2012-003410" }, { "db": "PACKETSTORM", "id": "114982" }, { "db": "CNNVD", "id": "CNNVD-201207-433" }, { "db": "NVD", "id": "CVE-2012-3015" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "94166e2e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-3897" }, { "db": "VULHUB", "id": "VHN-56296" }, { "db": "BID", "id": "54651" }, { "db": "JVNDB", "id": "JVNDB-2012-003410" }, { "db": "PACKETSTORM", "id": "114982" }, { "db": "CNNVD", "id": "CNNVD-201207-433" }, { "db": "NVD", "id": "CVE-2012-3015" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-07-26T00:00:00", "db": "IVD", "id": "94166e2e-2353-11e6-abef-000c29c66e3d" }, { "date": "2012-07-26T00:00:00", "db": "CNVD", "id": "CNVD-2012-3897" }, { "date": "2012-07-26T00:00:00", "db": "VULHUB", "id": "VHN-56296" }, { "date": "2012-07-24T00:00:00", "db": "BID", "id": "54651" }, { "date": "2012-07-30T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-003410" }, { "date": "2012-07-25T04:54:50", "db": "PACKETSTORM", "id": "114982" }, { "date": "2012-07-26T00:00:00", "db": "CNNVD", "id": "CNNVD-201207-433" }, { "date": "2012-07-26T10:41:47.980000", "db": "NVD", "id": "CVE-2012-3015" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-07-26T00:00:00", "db": "CNVD", "id": "CNVD-2012-3897" }, { "date": "2012-07-30T00:00:00", "db": "VULHUB", "id": "VHN-56296" }, { "date": "2012-07-24T00:00:00", "db": "BID", "id": "54651" }, { "date": "2012-07-30T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-003410" }, { "date": "2012-07-27T00:00:00", "db": "CNNVD", "id": "CNNVD-201207-433" }, { "date": "2024-11-21T01:40:07.597000", "db": "NVD", "id": "CVE-2012-3015" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201207-433" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC PCS7 Used in SIMATIC STEP7 Vulnerable to gaining privileges", "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-003410" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "IVD", "id": "94166e2e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNNVD", "id": "CNNVD-201207-433" } ], "trust": 0.8 } }
var-201306-0316
Vulnerability from variot
The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, exhibits different behavior for NetBIOS user names depending on whether the user account exists, which allows remote authenticated users to enumerate account names via crafted URL parameters. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC And PCS 7 are prone to a username-enumeration weakness because of a design error in the application when verifying user-supplied input. Attackers may exploit this weakness to discern valid usernames. This may aid brute-force password cracking or other attacks. There is a vulnerability in the Web Navigator in Siemens WinCC 7.2 Update 1 and earlier versions used in SIMATIC PCS7 8.0 SP1 and earlier versions and other products
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201306-0316", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.1" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "wincc", "version": "7.0" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "8.0 sp1" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.2 update 1" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.x" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "78.x" }, { "model": "wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.2" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "wincc", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "wincc", "version": "*" } ], "sources": [ { "db": "IVD", "id": "e694e1ea-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07608" }, { "db": "JVNDB", "id": "JVNDB-2013-002984" }, { "db": "CNNVD", "id": "CNNVD-201306-249" }, { "db": "NVD", "id": "CVE-2013-3959" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-002984" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Alexander Tlyapov from Positive Technologies", "sources": [ { "db": "BID", "id": "60559" } ], "trust": 0.3 }, "cve": "CVE-2013-3959", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "CVE-2013-3959", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "CNVD-2013-07608", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "e694e1ea-2352-11e6-abef-000c29c66e3d", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "VHN-63961", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2013-3959", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2013-3959", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2013-07608", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201306-249", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "e694e1ea-2352-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-63961", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "e694e1ea-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07608" }, { "db": "VULHUB", "id": "VHN-63961" }, { "db": "JVNDB", "id": "JVNDB-2013-002984" }, { "db": "CNNVD", "id": "CNNVD-201306-249" }, { "db": "NVD", "id": "CVE-2013-3959" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, exhibits different behavior for NetBIOS user names depending on whether the user account exists, which allows remote authenticated users to enumerate account names via crafted URL parameters. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC And PCS 7 are prone to a username-enumeration weakness because of a design error in the application when verifying user-supplied input. \nAttackers may exploit this weakness to discern valid usernames. This may aid brute-force password cracking or other attacks. There is a vulnerability in the Web Navigator in Siemens WinCC 7.2 Update 1 and earlier versions used in SIMATIC PCS7 8.0 SP1 and earlier versions and other products", "sources": [ { "db": "NVD", "id": "CVE-2013-3959" }, { "db": "JVNDB", "id": "JVNDB-2013-002984" }, { "db": "CNVD", "id": "CNVD-2013-07608" }, { "db": "BID", "id": "60559" }, { "db": "IVD", "id": "e694e1ea-2352-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-63961" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2013-3959", "trust": 3.6 }, { "db": "SIEMENS", "id": "SSA-345843", "trust": 2.0 }, { "db": "SECUNIA", "id": "53805", "trust": 1.2 }, { "db": "ICS CERT", "id": "ICSA-13-169-02", "trust": 1.1 }, { "db": "BID", "id": "60559", "trust": 1.0 }, { "db": "CNNVD", "id": "CNNVD-201306-249", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2013-07608", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2013-002984", "trust": 0.8 }, { "db": "IVD", "id": "E694E1EA-2352-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-63961", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "e694e1ea-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07608" }, { "db": "VULHUB", "id": "VHN-63961" }, { "db": "BID", "id": "60559" }, { "db": "JVNDB", "id": "JVNDB-2013-002984" }, { "db": "CNNVD", "id": "CNNVD-201306-249" }, { "db": "NVD", "id": "CVE-2013-3959" } ] }, "id": "VAR-201306-0316", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "e694e1ea-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07608" }, { "db": "VULHUB", "id": "VHN-63961" } ], "trust": 1.5048571666666666 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "e694e1ea-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07608" } ] }, "last_update_date": "2024-11-23T21:45:40.099000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-345843: Vulnerabilites in WinCC 7.2", "trust": 0.8, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345843.pdf" }, { "title": "Siemens SIMATIC WinCC/PCS 7 User Name Enumeration Patch", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/34668" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-07608" }, { "db": "JVNDB", "id": "JVNDB-2013-002984" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-200", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-63961" }, { "db": "JVNDB", "id": "JVNDB-2013-002984" }, { "db": "NVD", "id": "CVE-2013-3959" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345843.pdf" }, { "trust": 1.1, "url": "https://ics-cert.us-cert.gov/advisories/icsa-13-169-02" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3959" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3959" }, { "trust": 0.6, "url": "http://secunia.com/advisories/53805/" }, { "trust": 0.6, "url": "http://secunia.com/advisories/53805" }, { "trust": 0.3, "url": "http://www.siemens.com/" }, { "trust": 0.3, "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-07608" }, { "db": "VULHUB", "id": "VHN-63961" }, { "db": "BID", "id": "60559" }, { "db": "JVNDB", "id": "JVNDB-2013-002984" }, { "db": "CNNVD", "id": "CNNVD-201306-249" }, { "db": "NVD", "id": "CVE-2013-3959" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "e694e1ea-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07608" }, { "db": "VULHUB", "id": "VHN-63961" }, { "db": "BID", "id": "60559" }, { "db": "JVNDB", "id": "JVNDB-2013-002984" }, { "db": "CNNVD", "id": "CNNVD-201306-249" }, { "db": "NVD", "id": "CVE-2013-3959" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-06-19T00:00:00", "db": "IVD", "id": "e694e1ea-2352-11e6-abef-000c29c66e3d" }, { "date": "2013-06-19T00:00:00", "db": "CNVD", "id": "CNVD-2013-07608" }, { "date": "2013-06-14T00:00:00", "db": "VULHUB", "id": "VHN-63961" }, { "date": "2013-06-14T00:00:00", "db": "BID", "id": "60559" }, { "date": "2013-06-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-002984" }, { "date": "2013-06-18T00:00:00", "db": "CNNVD", "id": "CNNVD-201306-249" }, { "date": "2013-06-14T19:55:01.270000", "db": "NVD", "id": "CVE-2013-3959" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-06-19T00:00:00", "db": "CNVD", "id": "CNVD-2013-07608" }, { "date": "2013-06-17T00:00:00", "db": "VULHUB", "id": "VHN-63961" }, { "date": "2015-03-19T09:11:00", "db": "BID", "id": "60559" }, { "date": "2013-06-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-002984" }, { "date": "2013-06-18T00:00:00", "db": "CNNVD", "id": "CNNVD-201306-249" }, { "date": "2024-11-21T01:54:37.447000", "db": "NVD", "id": "CVE-2013-3959" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201306-249" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC WinCC/PCS 7 User Name Enumeration Vulnerability", "sources": [ { "db": "IVD", "id": "e694e1ea-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07608" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "information disclosure", "sources": [ { "db": "CNNVD", "id": "CNNVD-201306-249" } ], "trust": 0.6 } }
var-202111-0484
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). Legitimate file operations on the web server of the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read, write or delete unexpected critical files. SIMATIC PCS 7 and SIMATIC WinCC Exists in a past traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202111-0484", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.5" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "17" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-014830" }, { "db": "NVD", "id": "CVE-2021-40358" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Thomas Riedmaier from Siemens Energy reported these vulnerabilities to Siemens.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202111-777" } ], "trust": 0.6 }, "cve": "CVE-2021-40358", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2021-40358", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 1.9, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-401715", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "id": "CVE-2021-40358", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "productcert@siemens.com", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.1, "id": "CVE-2021-40358", "impactScore": 6.0, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 9.8, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2021-40358", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2021-40358", "trust": 1.0, "value": "CRITICAL" }, { "author": "productcert@siemens.com", "id": "CVE-2021-40358", "trust": 1.0, "value": "CRITICAL" }, { "author": "NVD", "id": "CVE-2021-40358", "trust": 0.8, "value": "Critical" }, { "author": "CNNVD", "id": "CNNVD-202111-777", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-401715", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2021-40358", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-401715" }, { "db": "VULMON", "id": "CVE-2021-40358" }, { "db": "JVNDB", "id": "JVNDB-2021-014830" }, { "db": "CNNVD", "id": "CNNVD-202111-777" }, { "db": "NVD", "id": "CVE-2021-40358" }, { "db": "NVD", "id": "CVE-2021-40358" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions \u003c V15 SP1 Update 7), SIMATIC WinCC V16 (All versions \u003c V16 Update 5), SIMATIC WinCC V17 (All versions \u003c V17 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 5). Legitimate file operations on the web server of the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read, write or delete unexpected critical files. SIMATIC PCS 7 and SIMATIC WinCC Exists in a past traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state", "sources": [ { "db": "NVD", "id": "CVE-2021-40358" }, { "db": "JVNDB", "id": "JVNDB-2021-014830" }, { "db": "VULHUB", "id": "VHN-401715" }, { "db": "VULMON", "id": "CVE-2021-40358" } ], "trust": 1.8 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-40358", "trust": 3.4 }, { "db": "SIEMENS", "id": "SSA-840188", "trust": 1.8 }, { "db": "ICS CERT", "id": "ICSA-21-315-03", "trust": 1.5 }, { "db": "JVN", "id": "JVNVU95671889", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2021-014830", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2021.3874", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202111-777", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-401715", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2021-40358", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-401715" }, { "db": "VULMON", "id": "CVE-2021-40358" }, { "db": "JVNDB", "id": "JVNDB-2021-014830" }, { "db": "CNNVD", "id": "CNNVD-202111-777" }, { "db": "NVD", "id": "CVE-2021-40358" } ] }, "id": "VAR-202111-0484", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-401715" } ], "trust": 0.7286399 }, "last_update_date": "2024-11-23T19:53:32.316000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-840188", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf" }, { "title": "Siemens SIMATIC PCS 7 and SIMATIC WinCC Repair measures for path traversal vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=169659" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=3a61c08d20a7380576ecaddca7385945" }, { "title": "", "trust": 0.1, "url": "https://github.com/Live-Hack-CVE/CVE-2021-40358 " } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-40358" }, { "db": "JVNDB", "id": "JVNDB-2021-014830" }, { "db": "CNNVD", "id": "CNNVD-202111-777" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-22", "trust": 1.1 }, { "problemtype": "Path traversal (CWE-22) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-401715" }, { "db": "JVNDB", "id": "JVNDB-2021-014830" }, { "db": "NVD", "id": "CVE-2021-40358" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf" }, { "trust": 0.9, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-03" }, { "trust": 0.8, "url": "http://jvn.jp/vu/jvnvu95671889/index.html" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40358" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-multiple-vulnerabilities-via-wincc-36835" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.3874" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-03" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/22.html" }, { "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2021-40358" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULHUB", "id": "VHN-401715" }, { "db": "VULMON", "id": "CVE-2021-40358" }, { "db": "JVNDB", "id": "JVNDB-2021-014830" }, { "db": "CNNVD", "id": "CNNVD-202111-777" }, { "db": "NVD", "id": "CVE-2021-40358" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-401715" }, { "db": "VULMON", "id": "CVE-2021-40358" }, { "db": "JVNDB", "id": "JVNDB-2021-014830" }, { "db": "CNNVD", "id": "CNNVD-202111-777" }, { "db": "NVD", "id": "CVE-2021-40358" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-11-09T00:00:00", "db": "VULHUB", "id": "VHN-401715" }, { "date": "2021-11-09T00:00:00", "db": "VULMON", "id": "CVE-2021-40358" }, { "date": "2022-10-28T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-014830" }, { "date": "2021-11-09T00:00:00", "db": "CNNVD", "id": "CNNVD-202111-777" }, { "date": "2021-11-09T12:15:09.930000", "db": "NVD", "id": "CVE-2021-40358" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-10-19T00:00:00", "db": "VULHUB", "id": "VHN-401715" }, { "date": "2022-10-19T00:00:00", "db": "VULMON", "id": "CVE-2021-40358" }, { "date": "2022-10-28T06:57:00", "db": "JVNDB", "id": "JVNDB-2021-014830" }, { "date": "2023-04-12T00:00:00", "db": "CNNVD", "id": "CNNVD-202111-777" }, { "date": "2024-11-21T06:23:56.737000", "db": "NVD", "id": "CVE-2021-40358" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202111-777" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "SIMATIC\u00a0PCS\u00a07\u00a0 and \u00a0SIMATIC\u00a0WinCC\u00a0 Past traversal vulnerability in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-014830" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "path traversal", "sources": [ { "db": "CNNVD", "id": "CNNVD-202111-777" } ], "trust": 0.6 } }
var-201407-0603
Vulnerability from variot
The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a (1) HTTP or (2) HTTPS request. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A remote privilege elevation vulnerability exists in Siemens SIMATIC WinCC And PCS7 that can be exploited by remote attackers to gain elevated privileges on affected devices. Siemens SIMATIC WinCC and PCS7 are prone to a remote privilege-escalation vulnerability. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. There is a security hole in the WebNavigator server used by Siemens SIMATIC WinCC versions prior to 7.3 for PCS7 and other products
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201407-0603", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": null, "scope": "eq", "trust": 2.4, "vendor": "wincc", "version": "6.0" }, { "model": null, "scope": "eq", "trust": 2.4, "vendor": "wincc", "version": "7.0" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.1" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "6.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "5.0" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.4, "vendor": "siemens", "version": "7.3" }, { "model": null, "scope": "eq", "trust": 1.2, "vendor": "wincc", "version": "5.0" }, { "model": null, "scope": "eq", "trust": 1.2, "vendor": "wincc", "version": "7.1" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": "simatic pcs 7", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic pcs7", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic pcs7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic pcs7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "wincc", "version": "*" }, { "model": "pcs7", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "8.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "6.2" } ], "sources": [ { "db": "IVD", "id": "e2d78202-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "c0a709a9-648b-4fbc-869e-37cd7064012b" }, { "db": "IVD", "id": "7d71e153-463f-11e9-be10-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2014-04644" }, { "db": "BID", "id": "68879" }, { "db": "JVNDB", "id": "JVNDB-2014-003566" }, { "db": "CNNVD", "id": "CNNVD-201407-603" }, { "db": "NVD", "id": "CVE-2014-4683" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-003566" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai from Positive Technologies.", "sources": [ { "db": "BID", "id": "68879" } ], "trust": 0.3 }, "cve": "CVE-2014-4683", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 6.8, "id": "CVE-2014-4683", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 6.8, "id": "CNVD-2014-04644", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 6.8, "id": "e2d78202-2351-11e6-abef-000c29c66e3d", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 6.8, "id": "c0a709a9-648b-4fbc-869e-37cd7064012b", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 6.8, "id": "7d71e153-463f-11e9-be10-000c29342cb1", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 6.8, "id": "VHN-72624", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:S/C:P/I:P/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2014-4683", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2014-4683", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2014-04644", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201407-603", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "e2d78202-2351-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "IVD", "id": "c0a709a9-648b-4fbc-869e-37cd7064012b", "trust": 0.2, "value": "MEDIUM" }, { "author": "IVD", "id": "7d71e153-463f-11e9-be10-000c29342cb1", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-72624", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "e2d78202-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "c0a709a9-648b-4fbc-869e-37cd7064012b" }, { "db": "IVD", "id": "7d71e153-463f-11e9-be10-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2014-04644" }, { "db": "VULHUB", "id": "VHN-72624" }, { "db": "JVNDB", "id": "JVNDB-2014-003566" }, { "db": "CNNVD", "id": "CNNVD-201407-603" }, { "db": "NVD", "id": "CVE-2014-4683" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a (1) HTTP or (2) HTTPS request. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A remote privilege elevation vulnerability exists in Siemens SIMATIC WinCC And PCS7 that can be exploited by remote attackers to gain elevated privileges on affected devices. Siemens SIMATIC WinCC and PCS7 are prone to a remote privilege-escalation vulnerability. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. There is a security hole in the WebNavigator server used by Siemens SIMATIC WinCC versions prior to 7.3 for PCS7 and other products", "sources": [ { "db": "NVD", "id": "CVE-2014-4683" }, { "db": "JVNDB", "id": "JVNDB-2014-003566" }, { "db": "CNVD", "id": "CNVD-2014-04644" }, { "db": "BID", "id": "68879" }, { "db": "IVD", "id": "e2d78202-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "c0a709a9-648b-4fbc-869e-37cd7064012b" }, { "db": "IVD", "id": "7d71e153-463f-11e9-be10-000c29342cb1" }, { "db": "VULHUB", "id": "VHN-72624" } ], "trust": 3.06 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-4683", "trust": 4.1 }, { "db": "SIEMENS", "id": "SSA-214365", "trust": 2.3 }, { "db": "CNNVD", "id": "CNNVD-201407-603", "trust": 1.3 }, { "db": "CNVD", "id": "CNVD-2014-04644", "trust": 1.2 }, { "db": "BID", "id": "68879", "trust": 1.0 }, { "db": "ICS CERT", "id": "ICSA-14-205-02", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2014-003566", "trust": 0.8 }, { "db": "SECUNIA", "id": "60392", "trust": 0.6 }, { "db": "SECUNIA", "id": "60388", "trust": 0.6 }, { "db": "IVD", "id": "E2D78202-2351-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "IVD", "id": "C0A709A9-648B-4FBC-869E-37CD7064012B", "trust": 0.2 }, { "db": "IVD", "id": "7D71E153-463F-11E9-BE10-000C29342CB1", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-72624", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "127660", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "e2d78202-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "c0a709a9-648b-4fbc-869e-37cd7064012b" }, { "db": "IVD", "id": "7d71e153-463f-11e9-be10-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2014-04644" }, { "db": "VULHUB", "id": "VHN-72624" }, { "db": "BID", "id": "68879" }, { "db": "JVNDB", "id": "JVNDB-2014-003566" }, { "db": "PACKETSTORM", "id": "127660" }, { "db": "CNNVD", "id": "CNNVD-201407-603" }, { "db": "NVD", "id": "CVE-2014-4683" } ] }, "id": "VAR-201407-0603", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "e2d78202-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "c0a709a9-648b-4fbc-869e-37cd7064012b" }, { "db": "IVD", "id": "7d71e153-463f-11e9-be10-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2014-04644" }, { "db": "VULHUB", "id": "VHN-72624" } ], "trust": 2.003642875 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 1.2 } ], "sources": [ { "db": "IVD", "id": "e2d78202-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "c0a709a9-648b-4fbc-869e-37cd7064012b" }, { "db": "IVD", "id": "7d71e153-463f-11e9-be10-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2014-04644" } ] }, "last_update_date": "2024-11-23T22:31:17.673000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-214365", "trust": 0.8, "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf" }, { "title": "Patch for Siemens SIMATIC Multiple Products Remote Privilege Escalation Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/47899" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-04644" }, { "db": "JVNDB", "id": "JVNDB-2014-003566" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-264", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-72624" }, { "db": "JVNDB", "id": "JVNDB-2014-003566" }, { "db": "NVD", "id": "CVE-2014-4683" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf" }, { "trust": 1.4, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4683" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4683" }, { "trust": 0.8, "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-205-02" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/68879/info" }, { "trust": 0.6, "url": "http://secunia.com/advisories/60388" }, { "trust": 0.6, "url": "http://secunia.com/advisories/60392" }, { "trust": 0.3, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.3, "url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4684" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4683" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4685" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4686" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4682" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-04644" }, { "db": "VULHUB", "id": "VHN-72624" }, { "db": "BID", "id": "68879" }, { "db": "JVNDB", "id": "JVNDB-2014-003566" }, { "db": "PACKETSTORM", "id": "127660" }, { "db": "CNNVD", "id": "CNNVD-201407-603" }, { "db": "NVD", "id": "CVE-2014-4683" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "e2d78202-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "c0a709a9-648b-4fbc-869e-37cd7064012b" }, { "db": "IVD", "id": "7d71e153-463f-11e9-be10-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2014-04644" }, { "db": "VULHUB", "id": "VHN-72624" }, { "db": "BID", "id": "68879" }, { "db": "JVNDB", "id": "JVNDB-2014-003566" }, { "db": "PACKETSTORM", "id": "127660" }, { "db": "CNNVD", "id": "CNNVD-201407-603" }, { "db": "NVD", "id": "CVE-2014-4683" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-07-28T00:00:00", "db": "IVD", "id": "e2d78202-2351-11e6-abef-000c29c66e3d" }, { "date": "2014-07-28T00:00:00", "db": "IVD", "id": "c0a709a9-648b-4fbc-869e-37cd7064012b" }, { "date": "2014-07-28T00:00:00", "db": "IVD", "id": "7d71e153-463f-11e9-be10-000c29342cb1" }, { "date": "2014-07-28T00:00:00", "db": "CNVD", "id": "CNVD-2014-04644" }, { "date": "2014-07-24T00:00:00", "db": "VULHUB", "id": "VHN-72624" }, { "date": "2014-07-23T00:00:00", "db": "BID", "id": "68879" }, { "date": "2014-07-28T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-003566" }, { "date": "2014-07-29T22:37:22", "db": "PACKETSTORM", "id": "127660" }, { "date": "2014-07-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201407-603" }, { "date": "2014-07-24T14:55:08.050000", "db": "NVD", "id": "CVE-2014-4683" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-07-28T00:00:00", "db": "CNVD", "id": "CNVD-2014-04644" }, { "date": "2014-07-25T00:00:00", "db": "VULHUB", "id": "VHN-72624" }, { "date": "2015-03-19T09:40:00", "db": "BID", "id": "68879" }, { "date": "2014-08-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-003566" }, { "date": "2014-07-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201407-603" }, { "date": "2024-11-21T02:10:41.813000", "db": "NVD", "id": "CVE-2014-4683" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201407-603" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC PCS 7 Used in products such as SIMATIC WinCC of WebNavigator Vulnerability that can be obtained privilege in the server", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-003566" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Permission permission and access control", "sources": [ { "db": "IVD", "id": "e2d78202-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "c0a709a9-648b-4fbc-869e-37cd7064012b" }, { "db": "IVD", "id": "7d71e153-463f-11e9-be10-000c29342cb1" } ], "trust": 0.6 } }
var-202111-0482
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). The affected systems store sensitive information in log files. An attacker with access to the log files could publicly expose the information or reuse it to develop further attacks on the system. SIMATIC PCS 7 and SIMATIC WinCC Contains a vulnerability related to information leakage from log files.Information may be obtained
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202111-0482", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic pcs 7", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic pcs 7", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.5" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "17" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-014828" }, { "db": "NVD", "id": "CVE-2021-40364" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Thomas Riedmaier from Siemens Energy reported these vulnerabilities to Siemens.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202111-780" } ], "trust": 0.6 }, "cve": "CVE-2021-40364", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "CVE-2021-40364", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 1.8, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "VHN-401721", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2021-40364", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.5, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2021-40364", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2021-40364", "trust": 1.0, "value": "MEDIUM" }, { "author": "productcert@siemens.com", "id": "CVE-2021-40364", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2021-40364", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-202111-780", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-401721", "trust": 0.1, "value": "LOW" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-401721" }, { "db": "JVNDB", "id": "JVNDB-2021-014828" }, { "db": "CNNVD", "id": "CNNVD-202111-780" }, { "db": "NVD", "id": "CVE-2021-40364" }, { "db": "NVD", "id": "CVE-2021-40364" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions \u003c V15 SP1 Update 7), SIMATIC WinCC V16 (All versions \u003c V16 Update 5), SIMATIC WinCC V17 (All versions \u003c V17 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 5). The affected systems store sensitive information in log files. An attacker with access to the log files could publicly expose the information or reuse it to develop further attacks on the system. SIMATIC PCS 7 and SIMATIC WinCC Contains a vulnerability related to information leakage from log files.Information may be obtained", "sources": [ { "db": "NVD", "id": "CVE-2021-40364" }, { "db": "JVNDB", "id": "JVNDB-2021-014828" }, { "db": "VULHUB", "id": "VHN-401721" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-40364", "trust": 3.3 }, { "db": "SIEMENS", "id": "SSA-840188", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2021-014828", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2021.3874", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-21-315-03", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202111-780", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-401721", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-401721" }, { "db": "JVNDB", "id": "JVNDB-2021-014828" }, { "db": "CNNVD", "id": "CNNVD-202111-780" }, { "db": "NVD", "id": "CVE-2021-40364" } ] }, "id": "VAR-202111-0482", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-401721" } ], "trust": 0.7286399 }, "last_update_date": "2024-11-23T21:02:29.281000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-840188", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf" }, { "title": "Siemens SIMATIC PCS 7 and SIMATIC WinCC Repair measures for log information disclosure vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=169661" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-014828" }, { "db": "CNNVD", "id": "CNNVD-202111-780" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-532", "trust": 1.1 }, { "problemtype": "Information leakage from log files (CWE-532) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-401721" }, { "db": "JVNDB", "id": "JVNDB-2021-014828" }, { "db": "NVD", "id": "CVE-2021-40364" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40364" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-multiple-vulnerabilities-via-wincc-36835" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.3874" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-03" } ], "sources": [ { "db": "VULHUB", "id": "VHN-401721" }, { "db": "JVNDB", "id": "JVNDB-2021-014828" }, { "db": "CNNVD", "id": "CNNVD-202111-780" }, { "db": "NVD", "id": "CVE-2021-40364" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-401721" }, { "db": "JVNDB", "id": "JVNDB-2021-014828" }, { "db": "CNNVD", "id": "CNNVD-202111-780" }, { "db": "NVD", "id": "CVE-2021-40364" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-11-09T00:00:00", "db": "VULHUB", "id": "VHN-401721" }, { "date": "2022-10-28T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-014828" }, { "date": "2021-11-09T00:00:00", "db": "CNNVD", "id": "CNNVD-202111-780" }, { "date": "2021-11-09T12:15:10.070000", "db": "NVD", "id": "CVE-2021-40364" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-07-28T00:00:00", "db": "VULHUB", "id": "VHN-401721" }, { "date": "2022-10-28T06:51:00", "db": "JVNDB", "id": "JVNDB-2021-014828" }, { "date": "2022-08-10T00:00:00", "db": "CNNVD", "id": "CNNVD-202111-780" }, { "date": "2024-11-21T06:23:57.400000", "db": "NVD", "id": "CVE-2021-40364" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202111-780" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "SIMATIC\u00a0PCS\u00a07\u00a0 and \u00a0SIMATIC\u00a0WinCC\u00a0 Vulnerability regarding information leakage from log files in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-014828" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "log information leak", "sources": [ { "db": "CNNVD", "id": "CNNVD-202111-780" } ], "trust": 0.6 } }
var-201411-0459
Vulnerability from variot
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC WinCC, SIMATIC PCS 7 and TIA Portal (Botu) are all industrial automation products of German Siemens (Siemens). SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC; TIA Portal is a software platform that can quickly develop and debug automation systems. WinCC server is an option for it, which can operate multiple operating systems and monitoring stations in the network connected to the automation system. There are security vulnerabilities in the WinCC server of several Siemens products
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201411-0459", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": null, "scope": "eq", "trust": 3.2, "vendor": "simatic wincc", "version": "7.2" }, { "model": null, "scope": "eq", "trust": 1.6, "vendor": "simatic wincc", "version": "7.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.3" }, { "model": "simatic tiaportal", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "13.0" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "8.1" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "8.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.2" }, { "model": null, "scope": "eq", "trust": 1.2, "vendor": "simatic tiaportal", "version": "13.0" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic pcs7", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "simatic pcs7", "version": "8.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.3 update 2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.2 update 9" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.1 to 7.1 sp4" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.0 to 8.0 sp2" }, { "model": "totally integrated automation portal", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.0 to 7.0 sp3" }, { "model": "totally integrated automation portal", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "13 update 6" }, { "model": "wincc 7.0-sp3", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "wincc (\u003cupdate", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.29)" }, { "model": "wincc (\u003cupdate", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.32)" }, { "model": "simatic pcs 7.1-sp4", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7" }, { "model": "simatic pcs 8.0-sp2", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "78.1" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic pcs7", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic pcs 7", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic wincc", "version": "7.3" } ], "sources": [ { "db": "IVD", "id": "b4b94e28-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "5c884bc4-e541-45c1-9c37-0147460766ff" }, { "db": "CNVD", "id": "CNVD-2014-08593" }, { "db": "JVNDB", "id": "JVNDB-2014-005644" }, { "db": "CNNVD", "id": "CNNVD-201411-500" }, { "db": "NVD", "id": "CVE-2014-8551" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_tiaportal", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-005644" } ] }, "cve": "CVE-2014-8551", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "CVE-2014-8551", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 1.9, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "CNVD-2014-08593", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "b4b94e28-2351-11e6-abef-000c29c66e3d", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "5c884bc4-e541-45c1-9c37-0147460766ff", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "VHN-76496", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2014-8551", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2014-8551", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2014-08593", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201411-500", "trust": 0.6, "value": "CRITICAL" }, { "author": "IVD", "id": "b4b94e28-2351-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "CRITICAL" }, { "author": "IVD", "id": "5c884bc4-e541-45c1-9c37-0147460766ff", "trust": 0.2, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-76496", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2014-8551", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "b4b94e28-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "5c884bc4-e541-45c1-9c37-0147460766ff" }, { "db": "CNVD", "id": "CNVD-2014-08593" }, { "db": "VULHUB", "id": "VHN-76496" }, { "db": "VULMON", "id": "CVE-2014-8551" }, { "db": "JVNDB", "id": "JVNDB-2014-005644" }, { "db": "CNNVD", "id": "CNNVD-201411-500" }, { "db": "NVD", "id": "CVE-2014-8551" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC WinCC, SIMATIC PCS 7 and TIA Portal (Botu) are all industrial automation products of German Siemens (Siemens). SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC; TIA Portal is a software platform that can quickly develop and debug automation systems. WinCC server is an option for it, which can operate multiple operating systems and monitoring stations in the network connected to the automation system. There are security vulnerabilities in the WinCC server of several Siemens products", "sources": [ { "db": "NVD", "id": "CVE-2014-8551" }, { "db": "JVNDB", "id": "JVNDB-2014-005644" }, { "db": "CNVD", "id": "CNVD-2014-08593" }, { "db": "IVD", "id": "b4b94e28-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "5c884bc4-e541-45c1-9c37-0147460766ff" }, { "db": "VULHUB", "id": "VHN-76496" }, { "db": "VULMON", "id": "CVE-2014-8551" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-8551", "trust": 3.6 }, { "db": "SIEMENS", "id": "SSA-134508", "trust": 2.4 }, { "db": "CNNVD", "id": "CNNVD-201411-500", "trust": 1.1 }, { "db": "CNVD", "id": "CNVD-2014-08593", "trust": 1.0 }, { "db": "ICS CERT", "id": "ICSA-14-329-02", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2014-005644", "trust": 0.8 }, { "db": "SECUNIA", "id": "60068", "trust": 0.6 }, { "db": "IVD", "id": "B4B94E28-2351-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "IVD", "id": "5C884BC4-E541-45C1-9C37-0147460766FF", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-76496", "trust": 0.1 }, { "db": "ICS CERT", "id": "ICSA-14-329-02D", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2014-8551", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "b4b94e28-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "5c884bc4-e541-45c1-9c37-0147460766ff" }, { "db": "CNVD", "id": "CNVD-2014-08593" }, { "db": "VULHUB", "id": "VHN-76496" }, { "db": "VULMON", "id": "CVE-2014-8551" }, { "db": "JVNDB", "id": "JVNDB-2014-005644" }, { "db": "CNNVD", "id": "CNNVD-201411-500" }, { "db": "NVD", "id": "CVE-2014-8551" } ] }, "id": "VAR-201411-0459", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "b4b94e28-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "5c884bc4-e541-45c1-9c37-0147460766ff" }, { "db": "CNVD", "id": "CNVD-2014-08593" }, { "db": "VULHUB", "id": "VHN-76496" } ], "trust": 1.7048571666666668 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 1.0 } ], "sources": [ { "db": "IVD", "id": "b4b94e28-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "5c884bc4-e541-45c1-9c37-0147460766ff" }, { "db": "CNVD", "id": "CNVD-2014-08593" } ] }, "last_update_date": "2024-11-23T22:01:59.863000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-134508", "trust": 0.8, "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf" }, { "title": "Patch for Siemens SIMATIC WinCC/PCS 7 arbitrary code execution vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/52284" }, { "title": "Threatpost", "trust": 0.1, "url": "https://threatpost.com/siemens-patches-wincc-vulnerabilities-likely-being-exploited/109631/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08593" }, { "db": "VULMON", "id": "CVE-2014-8551" }, { "db": "JVNDB", "id": "JVNDB-2014-005644" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-94", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-76496" }, { "db": "JVNDB", "id": "JVNDB-2014-005644" }, { "db": "NVD", "id": "CVE-2014-8551" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf" }, { "trust": 1.4, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8551" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8551" }, { "trust": 0.8, "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-329-02" }, { "trust": 0.6, "url": "http://secunia.com/advisories/60068" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/94.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://threatpost.com/siemens-patches-wincc-vulnerabilities-likely-being-exploited/109631/" }, { "trust": 0.1, "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-329-02d" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-08593" }, { "db": "VULHUB", "id": "VHN-76496" }, { "db": "VULMON", "id": "CVE-2014-8551" }, { "db": "JVNDB", "id": "JVNDB-2014-005644" }, { "db": "CNNVD", "id": "CNNVD-201411-500" }, { "db": "NVD", "id": "CVE-2014-8551" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "b4b94e28-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "5c884bc4-e541-45c1-9c37-0147460766ff" }, { "db": "CNVD", "id": "CNVD-2014-08593" }, { "db": "VULHUB", "id": "VHN-76496" }, { "db": "VULMON", "id": "CVE-2014-8551" }, { "db": "JVNDB", "id": "JVNDB-2014-005644" }, { "db": "CNNVD", "id": "CNNVD-201411-500" }, { "db": "NVD", "id": "CVE-2014-8551" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-12-01T00:00:00", "db": "IVD", "id": "b4b94e28-2351-11e6-abef-000c29c66e3d" }, { "date": "2014-12-01T00:00:00", "db": "IVD", "id": "5c884bc4-e541-45c1-9c37-0147460766ff" }, { "date": "2014-12-01T00:00:00", "db": "CNVD", "id": "CNVD-2014-08593" }, { "date": "2014-11-26T00:00:00", "db": "VULHUB", "id": "VHN-76496" }, { "date": "2014-11-26T00:00:00", "db": "VULMON", "id": "CVE-2014-8551" }, { "date": "2014-11-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-005644" }, { "date": "2014-11-27T00:00:00", "db": "CNNVD", "id": "CNNVD-201411-500" }, { "date": "2014-11-26T11:59:00.093000", "db": "NVD", "id": "CVE-2014-8551" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-12-01T00:00:00", "db": "CNVD", "id": "CNVD-2014-08593" }, { "date": "2014-11-26T00:00:00", "db": "VULHUB", "id": "VHN-76496" }, { "date": "2014-11-26T00:00:00", "db": "VULMON", "id": "CVE-2014-8551" }, { "date": "2014-11-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-005644" }, { "date": "2014-11-27T00:00:00", "db": "CNNVD", "id": "CNNVD-201411-500" }, { "date": "2024-11-21T02:19:19.247000", "db": "NVD", "id": "CVE-2014-8551" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201411-500" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC WinCC/PCS 7 Arbitrary code execution vulnerability", "sources": [ { "db": "IVD", "id": "b4b94e28-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "5c884bc4-e541-45c1-9c37-0147460766ff" }, { "db": "CNVD", "id": "CNVD-2014-08593" } ], "trust": 1.0 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Code injection", "sources": [ { "db": "IVD", "id": "b4b94e28-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "5c884bc4-e541-45c1-9c37-0147460766ff" }, { "db": "CNNVD", "id": "CNNVD-201411-500" } ], "trust": 1.0 } }
var-201708-0476
Vulnerability from variot
An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker. Siemens industrial products are based on the OPC UAP protocol based on OPC to discover and configure LAN device information.
The Siemens OPC UA protocol has an XML external entity vulnerability. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions. Siemens SIMATIC PCS and so on are all products of German Siemens (Siemens). Siemens SIMATIC PCS is a process control system. SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201708-0476", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "local discovery server", "scope": "lte", "trust": 1.0, "vendor": "ocpfoundation", "version": "1.01.333.0" }, { "model": "simatic pcs7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.1" }, { "model": "ua .net", "scope": "lte", "trust": 1.0, "vendor": "ocpfoundation", "version": "2017-03-21" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "78.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "78.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "7.3" }, { "model": "local discovery server", "scope": "lt", "trust": 0.8, "vendor": "opc", "version": "1.03.367" }, { "model": "ua .net", "scope": "eq", "trust": 0.8, "vendor": "opc", "version": "2017-03-21" }, { "model": "simatic it production suite", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic net pc software", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic it production suite all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic net pc-software", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c=7.1" }, { "model": "simatic wincc sp1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "simatic wincc runtime professional", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc runtime professional sp1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v14" }, { "model": "local discovery server", "scope": "eq", "trust": 0.6, "vendor": "ocpfoundation", "version": "1.01.333.0" }, { "model": "ua .net", "scope": "eq", "trust": 0.6, "vendor": "ocpfoundation", "version": "2017-03-21" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77.1" }, { "model": "simatic net pc-software", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic net pc-software sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc-software hf1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc-software", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc-software sp2 hf3", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic net pc-software", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic it production suite", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "plant connectivity", "scope": "eq", "trust": 0.3, "vendor": "sap", "version": "15.0" }, { "model": "simatic wincc runtime professional sp1", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc sp1", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "wincc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "local discovery server", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "ua net", "version": "*" } ], "sources": [ { "db": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb" }, { "db": "CNVD", "id": "CNVD-2017-24363" }, { "db": "BID", "id": "100559" }, { "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "db": "CNNVD", "id": "CNNVD-201708-1273" }, { "db": "NVD", "id": "CVE-2017-12069" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:opcfoundation:local_discovery_server", "vulnerable": true }, { "cpe22Uri": "cpe:/a:opcfoundation:ua_.net", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_it_production_suite", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-008019" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Sergey Temnikov of Kaspersky Lab.", "sources": [ { "db": "BID", "id": "100559" } ], "trust": 0.3 }, "cve": "CVE-2017-12069", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2017-12069", "impactScore": 4.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.9, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2017-24363", "impactScore": 7.8, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb", "impactScore": 7.8, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-102554", "impactScore": 4.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "exploitabilityScore": 3.9, "id": "CVE-2017-12069", "impactScore": 4.2, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2017-12069", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2017-12069", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2017-24363", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201708-1273", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-102554", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2017-12069", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb" }, { "db": "CNVD", "id": "CNVD-2017-24363" }, { "db": "VULHUB", "id": "VHN-102554" }, { "db": "VULMON", "id": "CVE-2017-12069" }, { "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "db": "CNNVD", "id": "CNNVD-201708-1273" }, { "db": "NVD", "id": "CVE-2017-12069" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions \u003c V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions \u003c V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker. Siemens industrial products are based on the OPC UAP protocol based on OPC to discover and configure LAN device information. \n\nThe Siemens OPC UA protocol has an XML external entity vulnerability. \nAttackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions. Siemens SIMATIC PCS and so on are all products of German Siemens (Siemens). Siemens SIMATIC PCS is a process control system. SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system", "sources": [ { "db": "NVD", "id": "CVE-2017-12069" }, { "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "db": "CNVD", "id": "CNVD-2017-24363" }, { "db": "BID", "id": "100559" }, { "db": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb" }, { "db": "VULHUB", "id": "VHN-102554" }, { "db": "VULMON", "id": "CVE-2017-12069" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2017-12069", "trust": 3.7 }, { "db": "SIEMENS", "id": "SSA-535640", "trust": 1.8 }, { "db": "ICS CERT", "id": "ICSA-17-243-01", "trust": 1.6 }, { "db": "BID", "id": "100559", "trust": 1.5 }, { "db": "SECTRACK", "id": "1039510", "trust": 1.2 }, { "db": "CNNVD", "id": "CNNVD-201708-1273", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2017-24363", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-17-243-01B", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2017-008019", "trust": 0.8 }, { "db": "IVD", "id": "E3C681F4-90BE-4763-9EA0-9BF8B55433BB", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-102554", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2017-12069", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb" }, { "db": "CNVD", "id": "CNVD-2017-24363" }, { "db": "VULHUB", "id": "VHN-102554" }, { "db": "VULMON", "id": "CVE-2017-12069" }, { "db": "BID", "id": "100559" }, { "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "db": "CNNVD", "id": "CNNVD-201708-1273" }, { "db": "NVD", "id": "CVE-2017-12069" } ] }, "id": "VAR-201708-0476", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb" }, { "db": "CNVD", "id": "CNVD-2017-24363" }, { "db": "VULHUB", "id": "VHN-102554" } ], "trust": 1.5183507387500002 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb" }, { "db": "CNVD", "id": "CNVD-2017-24363" } ] }, "last_update_date": "2024-11-23T21:40:46.820000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Security Update for the OPC UA .NET Sample Code", "trust": 0.8, "url": "https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf" }, { "title": "SSA-535640", "trust": 0.8, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf" }, { "title": "Patch for Siemens OPC UA Protocol XML External Entity Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/176381" }, { "title": "Multiple Siemens product OPC Foundation UA .NET Sample Code and Local Discovery Server Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74833" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=0561e5e7e515f186e8a5589cf02f38a8" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-24363" }, { "db": "VULMON", "id": "CVE-2017-12069" }, { "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "db": "CNNVD", "id": "CNNVD-201708-1273" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-611", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-102554" }, { "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "db": "NVD", "id": "CVE-2017-12069" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.8, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf" }, { "trust": 1.5, "url": "https://opcfoundation-onlineapplications.org/faq/securitybulletins/opc_foundation_security_bulletin_cve-2017-12069.pdf" }, { "trust": 1.2, "url": "http://www.securityfocus.com/bid/100559" }, { "trust": 1.2, "url": "http://www.securitytracker.com/id/1039510" }, { "trust": 0.9, "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-243-01" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12069" }, { "trust": 0.8, "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-243-01b" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12069" }, { "trust": 0.6, "url": "https://support.industry.siemens.com/cs/ww/en/view/109746038" }, { "trust": 0.6, "url": "https://support.industry.siemens.com/cs/ww/en/view/109746276" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-243-01-0" }, { "trust": 0.3, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.3, "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=500633095" }, { "trust": 0.3, "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=499356993" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/611.html" }, { "trust": 0.1, "url": "https://tools.cisco.com/security/center/viewalert.x?alertid=55504" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-17-243-01-0" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-24363" }, { "db": "VULHUB", "id": "VHN-102554" }, { "db": "VULMON", "id": "CVE-2017-12069" }, { "db": "BID", "id": "100559" }, { "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "db": "CNNVD", "id": "CNNVD-201708-1273" }, { "db": "NVD", "id": "CVE-2017-12069" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb" }, { "db": "CNVD", "id": "CNVD-2017-24363" }, { "db": "VULHUB", "id": "VHN-102554" }, { "db": "VULMON", "id": "CVE-2017-12069" }, { "db": "BID", "id": "100559" }, { "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "db": "CNNVD", "id": "CNNVD-201708-1273" }, { "db": "NVD", "id": "CVE-2017-12069" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-09-02T00:00:00", "db": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb" }, { "date": "2017-09-01T00:00:00", "db": "CNVD", "id": "CNVD-2017-24363" }, { "date": "2017-08-30T00:00:00", "db": "VULHUB", "id": "VHN-102554" }, { "date": "2017-08-30T00:00:00", "db": "VULMON", "id": "CVE-2017-12069" }, { "date": "2017-08-31T00:00:00", "db": "BID", "id": "100559" }, { "date": "2017-10-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "date": "2017-08-30T00:00:00", "db": "CNNVD", "id": "CNNVD-201708-1273" }, { "date": "2017-08-30T19:29:00.210000", "db": "NVD", "id": "CVE-2017-12069" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-28T00:00:00", "db": "CNVD", "id": "CNVD-2017-24363" }, { "date": "2017-10-06T00:00:00", "db": "VULHUB", "id": "VHN-102554" }, { "date": "2017-10-06T00:00:00", "db": "VULMON", "id": "CVE-2017-12069" }, { "date": "2018-10-12T04:00:00", "db": "BID", "id": "100559" }, { "date": "2017-10-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "date": "2020-08-12T00:00:00", "db": "CNNVD", "id": "CNNVD-201708-1273" }, { "date": "2024-11-21T03:08:46.230000", "db": "NVD", "id": "CVE-2017-12069" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201708-1273" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens OPC UA protocol XML External entity vulnerability", "sources": [ { "db": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb" }, { "db": "CNVD", "id": "CNVD-2017-24363" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-201708-1273" } ], "trust": 0.6 } }
var-201209-0226
Vulnerability from variot
WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified methods in ActiveX controls. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. The attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. The attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications.
The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to perform certain unspecified actions when a logged-in administrative user visits a specially crafted web page. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50568
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
RELEASE DATE: 2012-09-11
DISCUSS ADVISORY: http://secunia.com/advisories/50568/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50568/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, and disclose certain sensitive information.
1) Certain unspecified input passed to the WebNavigator component is not properly sanitised before being returned to the user.
2) Certain input passed to the WebNavigator component is not properly verified before being used to read files. This can be exploited to read arbitrary files via directory traversal sequences.
3) Certain input passed via SOAP messages to the WebNavigator component is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
SOLUTION: Apply Update 3.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: The vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive Technologies.
ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201209-0226", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "6.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "5.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.0" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "wincc", "version": "6.0" }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "7.0 sp3" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "wincc", "version": "7.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.x" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "77.x" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "wincc", "version": "5.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "wincc", "version": "*" } ], "sources": [ { "db": "IVD", "id": "5e11d08e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5087" }, { "db": "JVNDB", "id": "JVNDB-2012-004450" }, { "db": "CNNVD", "id": "CNNVD-201209-296" }, { "db": "NVD", "id": "CVE-2012-3034" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-004450" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Denis Baranov Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov,Timur Yunusov from Positive Technologies", "sources": [ { "db": "CNNVD", "id": "CNNVD-201209-296" } ], "trust": 0.6 }, "cve": "CVE-2012-3034", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2012-3034", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.9, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "5e11d08e-2353-11e6-abef-000c29c66e3d", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-56315", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2012-3034", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2012-3034", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-201209-296", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "5e11d08e-2353-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-56315", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2012-3034", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "5e11d08e-2353-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-56315" }, { "db": "VULMON", "id": "CVE-2012-3034" }, { "db": "JVNDB", "id": "JVNDB-2012-004450" }, { "db": "CNNVD", "id": "CNNVD-201209-296" }, { "db": "NVD", "id": "CVE-2012-3034" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified methods in ActiveX controls. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. \nThe attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. \nThe attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. \nAn attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nSiemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications. \n\nThe application allows users to perform certain actions via HTTP\nrequests without performing proper validity checks to verify the\nrequests. This can be exploited to perform certain unspecified\nactions when a logged-in administrative user visits a specially\ncrafted web page. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50568\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50568/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nRELEASE DATE:\n2012-09-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50568/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50568/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Siemens SIMATIC WinCC,\nwhich can be exploited by malicious people to conduct cross-site\nscripting attacks, conduct SQL injection attacks, and disclose\ncertain sensitive information. \n\n1) Certain unspecified input passed to the WebNavigator component is\nnot properly sanitised before being returned to the user. \n\n2) Certain input passed to the WebNavigator component is not properly\nverified before being used to read files. This can be exploited to\nread arbitrary files via directory traversal sequences. \n\n3) Certain input passed via SOAP messages to the WebNavigator\ncomponent is not properly sanitised before being used in SQL queries. \nThis can be exploited to manipulate SQL queries by injecting arbitrary\nSQL code. \n\nSOLUTION:\nApply Update 3. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin,\nVladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive\nTechnologies. \n\nORIGINAL ADVISORY:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2012-3034" }, { "db": "JVNDB", "id": "JVNDB-2012-004450" }, { "db": "CNVD", "id": "CNVD-2012-5087" }, { "db": "BID", "id": "55492" }, { "db": "IVD", "id": "5e11d08e-2353-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-56315" }, { "db": "VULMON", "id": "CVE-2012-3034" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" } ], "trust": 2.97 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-3034", "trust": 3.7 }, { "db": "SIEMENS", "id": "SSA-864051", "trust": 2.6 }, { "db": "ICS CERT", "id": "ICSA-12-256-01", "trust": 2.6 }, { "db": "CNNVD", "id": "CNNVD-201209-296", "trust": 0.9 }, { "db": "BID", "id": "55492", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2012-5087", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2012-004450", "trust": 0.8 }, { "db": "SECUNIA", "id": "50568", "trust": 0.8 }, { "db": "NSFOCUS", "id": "20651", "trust": 0.6 }, { "db": "NSFOCUS", "id": "20931", "trust": 0.6 }, { "db": "IVD", "id": "5E11D08E-2353-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "SECUNIA", "id": "50581", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-56315", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2012-3034", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "116445", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "116447", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "5e11d08e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5087" }, { "db": "VULHUB", "id": "VHN-56315" }, { "db": "VULMON", "id": "CVE-2012-3034" }, { "db": "BID", "id": "55492" }, { "db": "JVNDB", "id": "JVNDB-2012-004450" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" }, { "db": "CNNVD", "id": "CNNVD-201209-296" }, { "db": "NVD", "id": "CVE-2012-3034" } ] }, "id": "VAR-201209-0226", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "5e11d08e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5087" }, { "db": "VULHUB", "id": "VHN-56315" } ], "trust": 1.5048571666666666 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "5e11d08e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5087" } ] }, "last_update_date": "2024-11-23T21:46:02.614000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "http://www.siemens.com/" }, { "title": "SSA-864051: Multiple Vulnerabilities in WinCC 7.0 SP3", "trust": 0.8, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc", "trust": 0.8, "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e", "trust": 0.8, "url": "http://www.siemens.com/entry/jp/ja/" }, { "title": "Patch for Siemens SIMATIC WinCC ActiveX Control Account Information Disclosure Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/22134" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-5087" }, { "db": "JVNDB", "id": "JVNDB-2012-004450" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-200", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-56315" }, { "db": "JVNDB", "id": "JVNDB-2012-004450" }, { "db": "NVD", "id": "CVE-2012-3034" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-256-01.pdf" }, { "trust": 2.0, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf" }, { "trust": 1.8, "url": "http://en.securitylab.ru/lab/pt-2012-45" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3034" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3034" }, { "trust": 0.6, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdfhttp" }, { "trust": 0.6, "url": "http://secunia.com/advisories/50568" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/55492" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/20931" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/20651" }, { "trust": 0.3, "url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.2, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.2, "url": "http://secunia.com/blog/325/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/200.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=26911" }, { "trust": 0.1, "url": "https://ics-cert.us-cert.gov/advisories/icsa-12-256-01" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50581" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50581/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50581/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50568/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50568/#comments" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-5087" }, { "db": "VULHUB", "id": "VHN-56315" }, { "db": "VULMON", "id": "CVE-2012-3034" }, { "db": "BID", "id": "55492" }, { "db": "JVNDB", "id": "JVNDB-2012-004450" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" }, { "db": "CNNVD", "id": "CNNVD-201209-296" }, { "db": "NVD", "id": "CVE-2012-3034" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "5e11d08e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5087" }, { "db": "VULHUB", "id": "VHN-56315" }, { "db": "VULMON", "id": "CVE-2012-3034" }, { "db": "BID", "id": "55492" }, { "db": "JVNDB", "id": "JVNDB-2012-004450" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" }, { "db": "CNNVD", "id": "CNNVD-201209-296" }, { "db": "NVD", "id": "CVE-2012-3034" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-09-13T00:00:00", "db": "IVD", "id": "5e11d08e-2353-11e6-abef-000c29c66e3d" }, { "date": "2012-09-13T00:00:00", "db": "CNVD", "id": "CNVD-2012-5087" }, { "date": "2012-09-18T00:00:00", "db": "VULHUB", "id": "VHN-56315" }, { "date": "2012-09-18T00:00:00", "db": "VULMON", "id": "CVE-2012-3034" }, { "date": "2012-09-11T00:00:00", "db": "BID", "id": "55492" }, { "date": "2012-09-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-004450" }, { "date": "2012-09-11T07:30:00", "db": "PACKETSTORM", "id": "116445" }, { "date": "2012-09-11T07:30:06", "db": "PACKETSTORM", "id": "116447" }, { "date": "2012-09-18T00:00:00", "db": "CNNVD", "id": "CNNVD-201209-296" }, { "date": "2012-09-18T14:55:01.583000", "db": "NVD", "id": "CVE-2012-3034" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-09-13T00:00:00", "db": "CNVD", "id": "CNVD-2012-5087" }, { "date": "2012-09-19T00:00:00", "db": "VULHUB", "id": "VHN-56315" }, { "date": "2012-09-19T00:00:00", "db": "VULMON", "id": "CVE-2012-3034" }, { "date": "2012-09-12T22:50:00", "db": "BID", "id": "55492" }, { "date": "2012-09-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-004450" }, { "date": "2012-09-20T00:00:00", "db": "CNNVD", "id": "CNNVD-201209-296" }, { "date": "2024-11-21T01:40:09.340000", "db": "NVD", "id": "CVE-2012-3034" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201209-296" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC WinCC ActiveX Control Account Information Disclosure Vulnerability", "sources": [ { "db": "IVD", "id": "5e11d08e-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5087" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "information disclosure", "sources": [ { "db": "CNNVD", "id": "CNNVD-201209-296" } ], "trust": 0.6 } }
var-202202-0369
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V17 (All versions <= V17 Update 4), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The affected component stores the credentials of a local system account in a potentially publicly accessible project file using an outdated cipher algorithm. An attacker may use this to brute force the credentials and take over the system. SIMATIC PCS 7 and SIMATIC WinCC There is a vulnerability in plaintext storage of important information.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system.
An information disclosure vulnerability exists in Siemens SIMATIC WinCC, which could allow an attacker to use this command to forcibly obtain credentials and take over the system
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202202-0369", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.5" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "17" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14.0.1" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "13" }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc update", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "v172" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10000" }, { "db": "JVNDB", "id": "JVNDB-2022-005071" }, { "db": "NVD", "id": "CVE-2021-40363" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens reported these vulnerabilities to CISA.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202202-592" } ], "trust": 0.6 }, "cve": "CVE-2021-40363", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "CVE-2021-40363", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 1.8, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "CNVD-2022-10000", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 0.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "VHN-401720", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2021-40363", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2021-40363", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2021-40363", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2021-40363", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2022-10000", "trust": 0.6, "value": "LOW" }, { "author": "CNNVD", "id": "CNNVD-202202-592", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-401720", "trust": 0.1, "value": "LOW" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10000" }, { "db": "VULHUB", "id": "VHN-401720" }, { "db": "JVNDB", "id": "JVNDB-2022-005071" }, { "db": "CNNVD", "id": "CNNVD-202202-592" }, { "db": "NVD", "id": "CVE-2021-40363" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions \u003c V15 SP1 Update 7), SIMATIC WinCC V16 (All versions \u003c V16 Update 5), SIMATIC WinCC V17 (All versions \u003c V17 Update 2), SIMATIC WinCC V17 (All versions \u003c= V17 Update 4), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 6). The affected component stores the credentials of a local system account in a potentially publicly accessible project file using an outdated cipher algorithm. An attacker may use this to brute force the credentials and take over the system. SIMATIC PCS 7 and SIMATIC WinCC There is a vulnerability in plaintext storage of important information.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. \n\r\n\r\nAn information disclosure vulnerability exists in Siemens SIMATIC WinCC, which could allow an attacker to use this command to forcibly obtain credentials and take over the system", "sources": [ { "db": "NVD", "id": "CVE-2021-40363" }, { "db": "JVNDB", "id": "JVNDB-2022-005071" }, { "db": "CNVD", "id": "CNVD-2022-10000" }, { "db": "VULHUB", "id": "VHN-401720" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-40363", "trust": 3.9 }, { "db": "SIEMENS", "id": "SSA-914168", "trust": 2.3 }, { "db": "ICS CERT", "id": "ICSA-22-041-02", "trust": 1.4 }, { "db": "JVN", "id": "JVNVU98748974", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-005071", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2022-10000", "trust": 0.7 }, { "db": "CS-HELP", "id": "SB2022021106", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0606", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202202-592", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-401720", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10000" }, { "db": "VULHUB", "id": "VHN-401720" }, { "db": "JVNDB", "id": "JVNDB-2022-005071" }, { "db": "CNNVD", "id": "CNNVD-202202-592" }, { "db": "NVD", "id": "CVE-2021-40363" } ] }, "id": "VAR-202202-0369", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2022-10000" }, { "db": "VULHUB", "id": "VHN-401720" } ], "trust": 1.3482599333333334 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10000" } ] }, "last_update_date": "2024-11-23T21:01:12.437000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-914168", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf" }, { "title": "Patch for Siemens SIMATIC WinCC Information Disclosure Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/318461" }, { "title": "Siemens SIMATIC PCS 7 and SIMATIC WinCC Remediation measures for authorization problem vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=181960" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10000" }, { "db": "JVNDB", "id": "JVNDB-2022-005071" }, { "db": "CNNVD", "id": "CNNVD-202202-592" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-538", "trust": 1.1 }, { "problemtype": "CWE-312", "trust": 1.0 }, { "problemtype": "Plaintext storage of important information (CWE-312) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-401720" }, { "db": "JVNDB", "id": "JVNDB-2022-005071" }, { "db": "NVD", "id": "CVE-2021-40363" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40363" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu98748974/index.html" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-02" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-user-access-via-credentials-brute-force-37483" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0606" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022021106" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-041-02" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10000" }, { "db": "VULHUB", "id": "VHN-401720" }, { "db": "JVNDB", "id": "JVNDB-2022-005071" }, { "db": "CNNVD", "id": "CNNVD-202202-592" }, { "db": "NVD", "id": "CVE-2021-40363" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2022-10000" }, { "db": "VULHUB", "id": "VHN-401720" }, { "db": "JVNDB", "id": "JVNDB-2022-005071" }, { "db": "CNNVD", "id": "CNNVD-202202-592" }, { "db": "NVD", "id": "CVE-2021-40363" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-02-14T00:00:00", "db": "CNVD", "id": "CNVD-2022-10000" }, { "date": "2022-02-09T00:00:00", "db": "VULHUB", "id": "VHN-401720" }, { "date": "2023-05-16T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-005071" }, { "date": "2022-02-08T00:00:00", "db": "CNNVD", "id": "CNNVD-202202-592" }, { "date": "2022-02-09T16:15:13.877000", "db": "NVD", "id": "CVE-2021-40363" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-02-14T00:00:00", "db": "CNVD", "id": "CNVD-2022-10000" }, { "date": "2022-10-06T00:00:00", "db": "VULHUB", "id": "VHN-401720" }, { "date": "2023-05-16T08:53:00", "db": "JVNDB", "id": "JVNDB-2022-005071" }, { "date": "2022-08-11T00:00:00", "db": "CNNVD", "id": "CNNVD-202202-592" }, { "date": "2024-11-21T06:23:57.250000", "db": "NVD", "id": "CVE-2021-40363" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202202-592" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "SIMATIC\u00a0PCS\u00a07\u00a0 and \u00a0SIMATIC\u00a0WinCC\u00a0 Vulnerability in plaintext storage of important information in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-005071" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "authorization issue", "sources": [ { "db": "CNNVD", "id": "CNNVD-202202-592" } ], "trust": 0.6 } }
var-202202-0368
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The password hash of a local user account in the remote server could be granted via public API to a user on the affected system. An authenticated attacker could brute force the password hash and use it to login to the server. SIMATIC PCS 7 and SIMATIC WinCC Is vulnerable to improper restrictions on excessive authentication attempts.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are the products of Germany's Siemens (Siemens). SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and supervisory control (SCADA) system
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202202-0368", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.5" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "17" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14.0.1" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "13" }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c=v8.2" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v15" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v7.4" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.1" }, { "model": "simatic wincc sp2 update", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v7.56" }, { "model": "simatic wincc update", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v165" }, { "model": "simatic wincc update", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v172" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10001" }, { "db": "JVNDB", "id": "JVNDB-2022-005070" }, { "db": "NVD", "id": "CVE-2021-40360" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens reported these vulnerabilities to CISA.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202202-593" } ], "trust": 0.6 }, "cve": "CVE-2021-40360", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "CVE-2021-40360", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 5.4, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 4.9, "id": "CNVD-2022-10001", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "VHN-401717", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2021-40360", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2021-40360", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2021-40360", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2021-40360", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2022-10001", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202202-593", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-401717", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10001" }, { "db": "VULHUB", "id": "VHN-401717" }, { "db": "JVNDB", "id": "JVNDB-2022-005070" }, { "db": "CNNVD", "id": "CNNVD-202202-593" }, { "db": "NVD", "id": "CVE-2021-40360" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions \u003c V15 SP1 Update 7), SIMATIC WinCC V16 (All versions \u003c V16 Update 5), SIMATIC WinCC V17 (All versions \u003c V17 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 6). The password hash of a local user account in the remote server could be granted via public API to a user on the affected system. An authenticated attacker could brute force the password hash and use it to login to the server. SIMATIC PCS 7 and SIMATIC WinCC Is vulnerable to improper restrictions on excessive authentication attempts.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are the products of Germany\u0027s Siemens (Siemens). SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and supervisory control (SCADA) system", "sources": [ { "db": "NVD", "id": "CVE-2021-40360" }, { "db": "JVNDB", "id": "JVNDB-2022-005070" }, { "db": "CNVD", "id": "CNVD-2022-10001" }, { "db": "VULHUB", "id": "VHN-401717" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-40360", "trust": 3.9 }, { "db": "SIEMENS", "id": "SSA-914168", "trust": 2.3 }, { "db": "ICS CERT", "id": "ICSA-22-041-02", "trust": 1.4 }, { "db": "JVN", "id": "JVNVU98748974", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-005070", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2022-10001", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2022.0606", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022021107", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202202-593", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-401717", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10001" }, { "db": "VULHUB", "id": "VHN-401717" }, { "db": "JVNDB", "id": "JVNDB-2022-005070" }, { "db": "CNNVD", "id": "CNNVD-202202-593" }, { "db": "NVD", "id": "CVE-2021-40360" } ] }, "id": "VAR-202202-0368", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2022-10001" }, { "db": "VULHUB", "id": "VHN-401717" } ], "trust": 1.3986949499999999 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10001" } ] }, "last_update_date": "2024-11-23T20:59:36.366000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-914168", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf" }, { "title": "Patch for Siemens SIMATIC PCS 7 and SIMATIC WinCC Information Disclosure Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/318456" }, { "title": "Siemens SIMATIC WinCC Repair measures for information disclosure vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=182415" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10001" }, { "db": "JVNDB", "id": "JVNDB-2022-005070" }, { "db": "CNNVD", "id": "CNNVD-202202-593" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-522", "trust": 1.0 }, { "problemtype": "CWE-200", "trust": 1.0 }, { "problemtype": "Inappropriate limitation of excessive authentication attempts (CWE-307) [NVD evaluation ]", "trust": 0.8 }, { "problemtype": "CWE-307", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-401717" }, { "db": "JVNDB", "id": "JVNDB-2022-005070" }, { "db": "NVD", "id": "CVE-2021-40360" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40360" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu98748974/index.html" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-02" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-user-access-via-credentials-brute-force-37483" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0606" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022021107" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-041-02" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-10001" }, { "db": "VULHUB", "id": "VHN-401717" }, { "db": "JVNDB", "id": "JVNDB-2022-005070" }, { "db": "CNNVD", "id": "CNNVD-202202-593" }, { "db": "NVD", "id": "CVE-2021-40360" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2022-10001" }, { "db": "VULHUB", "id": "VHN-401717" }, { "db": "JVNDB", "id": "JVNDB-2022-005070" }, { "db": "CNNVD", "id": "CNNVD-202202-593" }, { "db": "NVD", "id": "CVE-2021-40360" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-02-14T00:00:00", "db": "CNVD", "id": "CNVD-2022-10001" }, { "date": "2022-02-09T00:00:00", "db": "VULHUB", "id": "VHN-401717" }, { "date": "2023-05-16T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-005070" }, { "date": "2022-02-08T00:00:00", "db": "CNNVD", "id": "CNNVD-202202-593" }, { "date": "2022-02-09T16:15:13.813000", "db": "NVD", "id": "CVE-2021-40360" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-02-14T00:00:00", "db": "CNVD", "id": "CNVD-2022-10001" }, { "date": "2022-10-06T00:00:00", "db": "VULHUB", "id": "VHN-401717" }, { "date": "2023-05-16T08:50:00", "db": "JVNDB", "id": "JVNDB-2022-005070" }, { "date": "2023-07-18T00:00:00", "db": "CNNVD", "id": "CNNVD-202202-593" }, { "date": "2024-11-21T06:23:57.097000", "db": "NVD", "id": "CVE-2021-40360" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202202-593" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "SIMATIC\u00a0PCS\u00a07\u00a0 and \u00a0SIMATIC\u00a0WinCC\u00a0 Vulnerability in improperly limiting excessive authentication attempts in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-005070" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "information disclosure", "sources": [ { "db": "CNNVD", "id": "CNNVD-202202-593" } ], "trust": 0.6 } }
var-201306-0314
Vulnerability from variot
SQL injection vulnerability in the login screen in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. By operating the database, remote attackers can exploit this vulnerability to enhance their permissions. Depending on the system configuration, it is possible to obtain full system access rights and execute. Any SQL command
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201306-0314", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.1" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "wincc", "version": "7.0" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "8.0 sp1" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.2 update 1" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.x" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "78.x" }, { "model": "wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.2" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "wincc", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "wincc", "version": "*" } ], "sources": [ { "db": "IVD", "id": "e6a420b0-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07609" }, { "db": "JVNDB", "id": "JVNDB-2013-002982" }, { "db": "CNNVD", "id": "CNNVD-201306-247" }, { "db": "NVD", "id": "CVE-2013-3957" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-002982" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Alexander Tlyapov from Positive Technologies", "sources": [ { "db": "BID", "id": "60558" } ], "trust": 0.3 }, "cve": "CVE-2013-3957", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2013-3957", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2013-07609", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "e6a420b0-2352-11e6-abef-000c29c66e3d", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-63959", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2013-3957", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2013-3957", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2013-07609", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201306-247", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "e6a420b0-2352-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-63959", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "e6a420b0-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07609" }, { "db": "VULHUB", "id": "VHN-63959" }, { "db": "JVNDB", "id": "JVNDB-2013-002982" }, { "db": "CNNVD", "id": "CNNVD-201306-247" }, { "db": "NVD", "id": "CVE-2013-3957" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "SQL injection vulnerability in the login screen in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. By operating the database, remote attackers can exploit this vulnerability to enhance their permissions. Depending on the system configuration, it is possible to obtain full system access rights and execute. Any SQL command", "sources": [ { "db": "NVD", "id": "CVE-2013-3957" }, { "db": "JVNDB", "id": "JVNDB-2013-002982" }, { "db": "CNVD", "id": "CNVD-2013-07609" }, { "db": "BID", "id": "60558" }, { "db": "IVD", "id": "e6a420b0-2352-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-63959" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2013-3957", "trust": 3.6 }, { "db": "SIEMENS", "id": "SSA-345843", "trust": 1.7 }, { "db": "SECUNIA", "id": "53805", "trust": 1.2 }, { "db": "BID", "id": "60558", "trust": 1.0 }, { "db": "CNVD", "id": "CNVD-2013-07609", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201306-247", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2013-002982", "trust": 0.8 }, { "db": "IVD", "id": "E6A420B0-2352-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-63959", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "e6a420b0-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07609" }, { "db": "VULHUB", "id": "VHN-63959" }, { "db": "BID", "id": "60558" }, { "db": "JVNDB", "id": "JVNDB-2013-002982" }, { "db": "CNNVD", "id": "CNNVD-201306-247" }, { "db": "NVD", "id": "CVE-2013-3957" } ] }, "id": "VAR-201306-0314", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "e6a420b0-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07609" }, { "db": "VULHUB", "id": "VHN-63959" } ], "trust": 1.5048571666666666 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "e6a420b0-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07609" } ] }, "last_update_date": "2024-11-23T21:45:40.140000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-345843: Vulnerabilites in WinCC 7.2", "trust": 0.8, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345843.pdf" }, { "title": "Patch for Siemens SIMATIC WinCC/PCS 7 SQL Injection Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/34669" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-07609" }, { "db": "JVNDB", "id": "JVNDB-2013-002982" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-89", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-63959" }, { "db": "JVNDB", "id": "JVNDB-2013-002982" }, { "db": "NVD", "id": "CVE-2013-3957" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345843.pdf" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3957" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3957" }, { "trust": 0.6, "url": "http://secunia.com/advisories/53805/" }, { "trust": 0.6, "url": "http://secunia.com/advisories/53805" }, { "trust": 0.3, "url": "http://subscriber.communications.siemens.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-07609" }, { "db": "VULHUB", "id": "VHN-63959" }, { "db": "BID", "id": "60558" }, { "db": "JVNDB", "id": "JVNDB-2013-002982" }, { "db": "CNNVD", "id": "CNNVD-201306-247" }, { "db": "NVD", "id": "CVE-2013-3957" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "e6a420b0-2352-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-07609" }, { "db": "VULHUB", "id": "VHN-63959" }, { "db": "BID", "id": "60558" }, { "db": "JVNDB", "id": "JVNDB-2013-002982" }, { "db": "CNNVD", "id": "CNNVD-201306-247" }, { "db": "NVD", "id": "CVE-2013-3957" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-06-19T00:00:00", "db": "IVD", "id": "e6a420b0-2352-11e6-abef-000c29c66e3d" }, { "date": "2013-06-19T00:00:00", "db": "CNVD", "id": "CNVD-2013-07609" }, { "date": "2013-06-14T00:00:00", "db": "VULHUB", "id": "VHN-63959" }, { "date": "2013-06-14T00:00:00", "db": "BID", "id": "60558" }, { "date": "2013-06-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-002982" }, { "date": "2013-06-18T00:00:00", "db": "CNNVD", "id": "CNNVD-201306-247" }, { "date": "2013-06-14T19:55:01.233000", "db": "NVD", "id": "CVE-2013-3957" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-06-19T00:00:00", "db": "CNVD", "id": "CNVD-2013-07609" }, { "date": "2013-06-17T00:00:00", "db": "VULHUB", "id": "VHN-63959" }, { "date": "2015-03-19T08:17:00", "db": "BID", "id": "60558" }, { "date": "2013-06-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-002982" }, { "date": "2013-07-11T00:00:00", "db": "CNNVD", "id": "CNNVD-201306-247" }, { "date": "2024-11-21T01:54:37.167000", "db": "NVD", "id": "CVE-2013-3957" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201306-247" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "SIMATIC PCS 7 Used in Siemens WinCC of Web Navigator In SQL Injection vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-002982" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "SQL injection", "sources": [ { "db": "IVD", "id": "e6a420b0-2352-11e6-abef-000c29c66e3d" }, { "db": "CNNVD", "id": "CNNVD-201306-247" } ], "trust": 0.8 } }
var-201905-1076
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 and newer (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 and newer (All versions). An attacker with network access to affected installations, which are configured without "Encrypted Communication", can execute arbitrary code. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected installation. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. SIMATIC PCS 7 and WinCC Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An access control error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201905-1076", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic pcs 7", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "8.1" }, { "model": "simatic wincc", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c=v8.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003e=v8.1" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v7.2" }, { "model": "simatic wincc", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "v7.3" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic pcs 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic wincc", "version": "*" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.0" }, { "model": "simatic wincc", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic pcs", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "78.1" } ], "sources": [ { "db": "IVD", "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d" }, { "db": "CNVD", "id": "CNVD-2019-14819" }, { "db": "BID", "id": "108398" }, { "db": "JVNDB", "id": "JVNDB-2019-004559" }, { "db": "NVD", "id": "CVE-2019-10922" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004559" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vladimir Dashchenko and Sergey Temnikov from Kaspersky Lab reported this vulnerability to Siemens.", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-601" } ], "trust": 0.6 }, "cve": "CVE-2019-10922", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2019-10922", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 1.9, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2019-14819", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-142517", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "id": "CVE-2019-10922", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 9.8, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2019-10922", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-10922", "trust": 1.0, "value": "CRITICAL" }, { "author": "NVD", "id": "CVE-2019-10922", "trust": 0.8, "value": "Critical" }, { "author": "CNVD", "id": "CNVD-2019-14819", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201905-601", "trust": 0.6, "value": "CRITICAL" }, { "author": "IVD", "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d", "trust": 0.2, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-142517", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2019-10922", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d" }, { "db": "CNVD", "id": "CNVD-2019-14819" }, { "db": "VULHUB", "id": "VHN-142517" }, { "db": "VULMON", "id": "CVE-2019-10922" }, { "db": "JVNDB", "id": "JVNDB-2019-004559" }, { "db": "CNNVD", "id": "CNNVD-201905-601" }, { "db": "NVD", "id": "CVE-2019-10922" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 and newer (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 and newer (All versions). An attacker with network access to affected installations, which are configured without \"Encrypted Communication\", can execute arbitrary code. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected installation. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. SIMATIC PCS 7 and WinCC Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An access control error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC", "sources": [ { "db": "NVD", "id": "CVE-2019-10922" }, { "db": "JVNDB", "id": "JVNDB-2019-004559" }, { "db": "CNVD", "id": "CNVD-2019-14819" }, { "db": "BID", "id": "108398" }, { "db": "IVD", "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d" }, { "db": "VULHUB", "id": "VHN-142517" }, { "db": "VULMON", "id": "CVE-2019-10922" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-10922", "trust": 3.7 }, { "db": "ICS CERT", "id": "ICSA-19-134-02", "trust": 2.4 }, { "db": "BID", "id": "108398", "trust": 2.1 }, { "db": "SIEMENS", "id": "SSA-705517", "trust": 1.8 }, { "db": "CNVD", "id": "CNVD-2019-14819", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201905-601", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-004559", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2019.1716.2", "trust": 0.6 }, { "db": "IVD", "id": "28B5F5F4-5CC5-4DD7-87DA-AEDB11DAE08D", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-142517", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2019-10922", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d" }, { "db": "CNVD", "id": "CNVD-2019-14819" }, { "db": "VULHUB", "id": "VHN-142517" }, { "db": "VULMON", "id": "CVE-2019-10922" }, { "db": "BID", "id": "108398" }, { "db": "JVNDB", "id": "JVNDB-2019-004559" }, { "db": "CNNVD", "id": "CNNVD-201905-601" }, { "db": "NVD", "id": "CVE-2019-10922" } ] }, "id": "VAR-201905-1076", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d" }, { "db": "CNVD", "id": "CNVD-2019-14819" }, { "db": "VULHUB", "id": "VHN-142517" } ], "trust": 1.5286399 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d" }, { "db": "CNVD", "id": "CNVD-2019-14819" } ] }, "last_update_date": "2024-11-23T21:37:17.578000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-705517", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf" }, { "title": "Patch for Siemens SIMATIC PCS 7 and SIMATIC WinCC Access Control Error Vulnerabilities", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/161749" }, { "title": "Siemens SIMATIC PCS 7 and SIMATIC WinCC Fixes for access control error vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92743" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=5b4ebc1c1cb31c7e91ba7bafb5859453" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-14819" }, { "db": "VULMON", "id": "CVE-2019-10922" }, { "db": "JVNDB", "id": "JVNDB-2019-004559" }, { "db": "CNNVD", "id": "CNNVD-201905-601" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "CWE-306", "trust": 1.0 }, { "problemtype": "CWE-284", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-142517" }, { "db": "JVNDB", "id": "JVNDB-2019-004559" }, { "db": "NVD", "id": "CVE-2019-10922" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://www.securityfocus.com/bid/108398" }, { "trust": 1.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf" }, { "trust": 1.6, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10922" }, { "trust": 0.9, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10922" }, { "trust": 0.8, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-02-0" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/80946" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-wincc-code-execution-29287" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-14819" }, { "db": "VULHUB", "id": "VHN-142517" }, { "db": "VULMON", "id": "CVE-2019-10922" }, { "db": "BID", "id": "108398" }, { "db": "JVNDB", "id": "JVNDB-2019-004559" }, { "db": "CNNVD", "id": "CNNVD-201905-601" }, { "db": "NVD", "id": "CVE-2019-10922" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d" }, { "db": "CNVD", "id": "CNVD-2019-14819" }, { "db": "VULHUB", "id": "VHN-142517" }, { "db": "VULMON", "id": "CVE-2019-10922" }, { "db": "BID", "id": "108398" }, { "db": "JVNDB", "id": "JVNDB-2019-004559" }, { "db": "CNNVD", "id": "CNNVD-201905-601" }, { "db": "NVD", "id": "CVE-2019-10922" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-21T00:00:00", "db": "IVD", "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d" }, { "date": "2019-05-21T00:00:00", "db": "CNVD", "id": "CNVD-2019-14819" }, { "date": "2019-05-14T00:00:00", "db": "VULHUB", "id": "VHN-142517" }, { "date": "2019-05-14T00:00:00", "db": "VULMON", "id": "CVE-2019-10922" }, { "date": "2019-05-14T00:00:00", "db": "BID", "id": "108398" }, { "date": "2019-06-04T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004559" }, { "date": "2019-05-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-601" }, { "date": "2019-05-14T20:29:02.763000", "db": "NVD", "id": "CVE-2019-10922" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-21T00:00:00", "db": "CNVD", "id": "CNVD-2019-14819" }, { "date": "2020-10-02T00:00:00", "db": "VULHUB", "id": "VHN-142517" }, { "date": "2020-10-02T00:00:00", "db": "VULMON", "id": "CVE-2019-10922" }, { "date": "2019-05-14T00:00:00", "db": "BID", "id": "108398" }, { "date": "2019-07-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004559" }, { "date": "2020-10-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-601" }, { "date": "2024-11-21T04:20:09.473000", "db": "NVD", "id": "CVE-2019-10922" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-601" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "SIMATIC PCS 7 and WinCC Access control vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004559" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Access control error", "sources": [ { "db": "IVD", "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d" }, { "db": "CNNVD", "id": "CNNVD-201905-601" } ], "trust": 0.8 } }
var-201905-1322
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with access to the project file could run arbitrary system commands with the privileges of the local database server. The vulnerability could be exploited by an attacker with access to the project file. The vulnerability does impact the confidentiality, integrity, and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An input validation error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC that was caused by a network system or product that did not properly validate the input data and could be exploited by an attacker to access project files. Siemens SIMATIC products are prone to following security vulnerabilities: 1. A denial-of-service vulnerability 2. An SQL injection vulnerability3. 3. An arbitrary command execution Exploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. The following Siemens SIMATIC products are affected: SIMATIC PCS 7 version 8.0 and prior SIMATIC PCS 7 version 8.1 SIMATIC PCS 7 version 8.2 SIMATIC PCS 7 version 9.0 SIMATIC WinCC (TIA Portal) version 13 SIMATIC WinCC (TIA Portal) version 14 SIMATIC WinCC (TIA Portal) version 15 SIMATIC WinCC Runtime Professional, all version SIMATIC WinCC version 7.2 and prior SIMATIC WinCC version 7.3 SIMATIC WinCC version 7.4 SIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201905-1322", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc runtime professional", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.5" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "13.0" }, { "model": "simatic wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.1" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "v14" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "v15" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.1.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.3.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.5 upd3" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "13.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "14.x" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.5" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "8.0 and earlier" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.2.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.4.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "15.x" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "7.2 and earlier" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "9.0.x" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.1" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=7.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.3" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "simatic wincc upd3", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.5.*\u003cv7.5" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "6.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "79.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77" }, { "model": "simatic wincc update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.53" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.3" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.5" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "13.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "14.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "15.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime professional", "version": "*" } ], "sources": [ { "db": "IVD", "id": "5e23f13f-8869-4704-a7f2-72babe1680f8" }, { "db": "CNVD", "id": "CNVD-2019-14938" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004566" }, { "db": "NVD", "id": "CVE-2019-10916" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004566" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vladimir Dashchenko and Sergey Temnikov from Kaspersky Lab, and ChengBin Wang from Guoli Security Technology, and ChengBin Wang from Guoli Security Technology reported these vulnerabilities to Siemens., CNCERT/CC", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-597" } ], "trust": 0.6 }, "cve": "CVE-2019-10916", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.0, "id": "CVE-2019-10916", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.0, "id": "CNVD-2019-14938", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.0, "id": "5e23f13f-8869-4704-a7f2-72babe1680f8", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.0, "id": "VHN-142510", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2019-10916", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2019-10916", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-10916", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2019-10916", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2019-14938", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201905-597", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "5e23f13f-8869-4704-a7f2-72babe1680f8", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-142510", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "5e23f13f-8869-4704-a7f2-72babe1680f8" }, { "db": "CNVD", "id": "CNVD-2019-14938" }, { "db": "VULHUB", "id": "VHN-142510" }, { "db": "JVNDB", "id": "JVNDB-2019-004566" }, { "db": "CNNVD", "id": "CNNVD-201905-597" }, { "db": "NVD", "id": "CVE-2019-10916" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions \u003c V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd 3). An attacker with access to the project file could run arbitrary system commands with the privileges of the local database server. The vulnerability could be exploited by an attacker with access to the project file. The vulnerability does impact the confidentiality, integrity, and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An input validation error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC that was caused by a network system or product that did not properly validate the input data and could be exploited by an attacker to access project files. Siemens SIMATIC products are prone to following security vulnerabilities:\n1. A denial-of-service vulnerability\n2. An SQL injection vulnerability3. \n3. An arbitrary command execution\nExploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. \nThe following Siemens SIMATIC products are affected:\nSIMATIC PCS 7 version 8.0 and prior\nSIMATIC PCS 7 version 8.1\nSIMATIC PCS 7 version 8.2\nSIMATIC PCS 7 version 9.0\nSIMATIC WinCC (TIA Portal) version 13\nSIMATIC WinCC (TIA Portal) version 14\nSIMATIC WinCC (TIA Portal) version 15\nSIMATIC WinCC Runtime Professional, all version\nSIMATIC WinCC version 7.2 and prior\nSIMATIC WinCC version 7.3\nSIMATIC WinCC version 7.4\nSIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3", "sources": [ { "db": "NVD", "id": "CVE-2019-10916" }, { "db": "JVNDB", "id": "JVNDB-2019-004566" }, { "db": "CNVD", "id": "CNVD-2019-14938" }, { "db": "BID", "id": "108404" }, { "db": "IVD", "id": "5e23f13f-8869-4704-a7f2-72babe1680f8" }, { "db": "VULHUB", "id": "VHN-142510" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-10916", "trust": 3.6 }, { "db": "ICS CERT", "id": "ICSA-19-134-08", "trust": 3.4 }, { "db": "SIEMENS", "id": "SSA-697412", "trust": 1.7 }, { "db": "CNNVD", "id": "CNNVD-201905-597", "trust": 0.9 }, { "db": "BID", "id": "108404", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2019-14938", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-004566", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-19-134-02", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.1716.2", "trust": 0.6 }, { "db": "IVD", "id": "5E23F13F-8869-4704-A7F2-72BABE1680F8", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-142510", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "5e23f13f-8869-4704-a7f2-72babe1680f8" }, { "db": "CNVD", "id": "CNVD-2019-14938" }, { "db": "VULHUB", "id": "VHN-142510" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004566" }, { "db": "CNNVD", "id": "CNNVD-201905-597" }, { "db": "NVD", "id": "CVE-2019-10916" } ] }, "id": "VAR-201905-1322", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "5e23f13f-8869-4704-a7f2-72babe1680f8" }, { "db": "CNVD", "id": "CNVD-2019-14938" }, { "db": "VULHUB", "id": "VHN-142510" } ], "trust": 1.5496564849999999 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "5e23f13f-8869-4704-a7f2-72babe1680f8" }, { "db": "CNVD", "id": "CNVD-2019-14938" } ] }, "last_update_date": "2024-11-23T21:37:16.618000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-697412", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf" }, { "title": "Patch for Siemens SIMATIC PCS 7 and SIMATIC WinCC Input Validation Error Vulnerability (NVD-C-2019-65203)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/161835" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-14938" }, { "db": "JVNDB", "id": "JVNDB-2019-004566" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-89", "trust": 1.0 }, { "problemtype": "CWE-20", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-142510" }, { "db": "JVNDB", "id": "JVNDB-2019-004566" }, { "db": "NVD", "id": "CVE-2019-10916" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-08" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf" }, { "trust": 1.5, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-08" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10916" }, { "trust": 1.2, "url": "http://www.securityfocus.com/bid/108404" }, { "trust": 0.9, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10916" }, { "trust": 0.6, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/80946" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29286" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-14938" }, { "db": "VULHUB", "id": "VHN-142510" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004566" }, { "db": "CNNVD", "id": "CNNVD-201905-597" }, { "db": "NVD", "id": "CVE-2019-10916" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "5e23f13f-8869-4704-a7f2-72babe1680f8" }, { "db": "CNVD", "id": "CNVD-2019-14938" }, { "db": "VULHUB", "id": "VHN-142510" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004566" }, { "db": "CNNVD", "id": "CNNVD-201905-597" }, { "db": "NVD", "id": "CVE-2019-10916" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-21T00:00:00", "db": "IVD", "id": "5e23f13f-8869-4704-a7f2-72babe1680f8" }, { "date": "2019-05-21T00:00:00", "db": "CNVD", "id": "CNVD-2019-14938" }, { "date": "2019-05-14T00:00:00", "db": "VULHUB", "id": "VHN-142510" }, { "date": "2019-05-14T00:00:00", "db": "BID", "id": "108404" }, { "date": "2019-06-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004566" }, { "date": "2019-05-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-597" }, { "date": "2019-05-14T20:29:02.293000", "db": "NVD", "id": "CVE-2019-10916" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-21T00:00:00", "db": "CNVD", "id": "CNVD-2019-14938" }, { "date": "2019-10-10T00:00:00", "db": "VULHUB", "id": "VHN-142510" }, { "date": "2019-05-22T06:00:00", "db": "BID", "id": "108404" }, { "date": "2019-07-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004566" }, { "date": "2022-03-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-597" }, { "date": "2024-11-21T04:20:08.653000", "db": "NVD", "id": "CVE-2019-10916" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-597" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural SIMATIC Vulnerability related to input validation in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004566" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "SQL injection", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-597" } ], "trust": 0.6 } }
var-202102-0008
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC WinCC (All versions < V7.5 SP2). Due to an insecure password verification process, an attacker could bypass the password protection set on protected files, thus being granted access to the protected content, circumventing authentication. SIMATIC PCS 7 and SIMATIC WinCC Contains an authentication vulnerability.Information may be obtained. Siemens SIMATIC WinCC is a set of automated data acquisition and monitoring (SCADA) system of Germany's Siemens (Siemens) company.
Siemens SIMATIC WinCC has security vulnerabilities. There are security holes in SIMATIC PCS 7 and SIMATIC WinCC, and there is no related information about this hole at present, please pay attention to CNNVD or manufacturer announcements at any time
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202102-0008", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "7.5" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.5" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": "7.5 sp2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7" }, { "model": "simatic wincc sp2", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v7.5" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-12077" }, { "db": "JVNDB", "id": "JVNDB-2020-015933" }, { "db": "NVD", "id": "CVE-2020-10048" } ] }, "cve": "CVE-2020-10048", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "CVE-2020-10048", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 1.8, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "CNVD-2021-12077", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 0.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "VHN-162487", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2020-10048", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.5, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2020-10048", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2020-10048", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2020-10048", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2021-12077", "trust": 0.6, "value": "LOW" }, { "author": "CNNVD", "id": "CNNVD-202102-796", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-162487", "trust": 0.1, "value": "LOW" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-12077" }, { "db": "VULHUB", "id": "VHN-162487" }, { "db": "JVNDB", "id": "JVNDB-2020-015933" }, { "db": "CNNVD", "id": "CNNVD-202102-796" }, { "db": "NVD", "id": "CVE-2020-10048" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC WinCC (All versions \u003c V7.5 SP2). Due to an insecure password verification process, an attacker could bypass the password protection set on protected files, thus being granted access to the protected content, circumventing authentication. SIMATIC PCS 7 and SIMATIC WinCC Contains an authentication vulnerability.Information may be obtained. Siemens SIMATIC WinCC is a set of automated data acquisition and monitoring (SCADA) system of Germany\u0027s Siemens (Siemens) company. \n\r\n\r\nSiemens SIMATIC WinCC has security vulnerabilities. There are security holes in SIMATIC PCS 7 and SIMATIC WinCC, and there is no related information about this hole at present, please pay attention to CNNVD or manufacturer announcements at any time", "sources": [ { "db": "NVD", "id": "CVE-2020-10048" }, { "db": "JVNDB", "id": "JVNDB-2020-015933" }, { "db": "CNVD", "id": "CNVD-2021-12077" }, { "db": "VULHUB", "id": "VHN-162487" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-10048", "trust": 3.1 }, { "db": "SIEMENS", "id": "SSA-944678", "trust": 2.3 }, { "db": "JVN", "id": "JVNVU91083521", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2020-015933", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2021-12077", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.0503", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-21-040-09", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202102-796", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-162487", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-12077" }, { "db": "VULHUB", "id": "VHN-162487" }, { "db": "JVNDB", "id": "JVNDB-2020-015933" }, { "db": "CNNVD", "id": "CNNVD-202102-796" }, { "db": "NVD", "id": "CVE-2020-10048" } ] }, "id": "VAR-202102-0008", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2021-12077" }, { "db": "VULHUB", "id": "VHN-162487" } ], "trust": 1.359834 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-12077" } ] }, "last_update_date": "2024-11-23T21:30:43.954000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-944678", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf" }, { "title": "Patch for Siemens SIMATIC WinCC bypass authentication vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/249066" }, { "title": "SIMATIC PCS 7 and SIMATIC WinCC Remediation measures for authorization problem vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142179" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-12077" }, { "db": "JVNDB", "id": "JVNDB-2020-015933" }, { "db": "CNNVD", "id": "CNNVD-202102-796" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-287", "trust": 1.1 }, { "problemtype": "CWE-288", "trust": 1.0 }, { "problemtype": "Improper authentication (CWE-287) [NVD Evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-162487" }, { "db": "JVNDB", "id": "JVNDB-2020-015933" }, { "db": "NVD", "id": "CVE-2020-10048" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu91083521/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10048" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-information-disclosure-via-password-protected-pictures-34523" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-09" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.0503" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-12077" }, { "db": "VULHUB", "id": "VHN-162487" }, { "db": "JVNDB", "id": "JVNDB-2020-015933" }, { "db": "CNNVD", "id": "CNNVD-202102-796" }, { "db": "NVD", "id": "CVE-2020-10048" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2021-12077" }, { "db": "VULHUB", "id": "VHN-162487" }, { "db": "JVNDB", "id": "JVNDB-2020-015933" }, { "db": "CNNVD", "id": "CNNVD-202102-796" }, { "db": "NVD", "id": "CVE-2020-10048" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-02-23T00:00:00", "db": "CNVD", "id": "CNVD-2021-12077" }, { "date": "2021-02-09T00:00:00", "db": "VULHUB", "id": "VHN-162487" }, { "date": "2021-10-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-015933" }, { "date": "2021-02-09T00:00:00", "db": "CNNVD", "id": "CNNVD-202102-796" }, { "date": "2021-02-09T17:15:13.360000", "db": "NVD", "id": "CVE-2020-10048" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-02-26T00:00:00", "db": "CNVD", "id": "CNVD-2021-12077" }, { "date": "2021-02-11T00:00:00", "db": "VULHUB", "id": "VHN-162487" }, { "date": "2021-10-25T07:34:00", "db": "JVNDB", "id": "JVNDB-2020-015933" }, { "date": "2021-02-22T00:00:00", "db": "CNNVD", "id": "CNNVD-202102-796" }, { "date": "2024-11-21T04:54:42.183000", "db": "NVD", "id": "CVE-2020-10048" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202102-796" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "SIMATIC\u00a0PCS\u00a07\u00a0 and \u00a0SIMATIC\u00a0WinCC\u00a0 Authentication vulnerabilities in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-015933" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "authorization issue", "sources": [ { "db": "CNNVD", "id": "CNNVD-202102-796" } ], "trust": 0.6 } }
var-201209-0224
Vulnerability from variot
Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow remote attackers to inject arbitrary web script or HTML via a (1) GET parameter, (2) POST parameter, or (3) Referer HTTP header. Siemens SIMATIC PCS7 And used in other products Siemens WinCC of WebNavigator Contains a cross-site scripting vulnerability.By any third party, any Web Script or HTML May be inserted. (1) GET Parameters (2) POST Parameters (3) Referer HTTP header. A cross-site request forgery vulnerability exists in Siemens SIMATIC WinCC that allows an attacker to build a malicious web page, trick the user into parsing, and perform malicious actions in the target user context. Siemens SIMATIC is an automation software in a single engineering environment. Part of the input passed to the WebNavigator component lacks filtering before returning to the user, and can be exploited for cross-site scripting attacks to obtain sensitive information or hijack user sessions. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. The attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. The attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications.
The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to perform certain unspecified actions when a logged-in administrative user visits a specially crafted web page. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50568
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
RELEASE DATE: 2012-09-11
DISCUSS ADVISORY: http://secunia.com/advisories/50568/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50568/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, and disclose certain sensitive information.
2) Certain input passed to the WebNavigator component is not properly verified before being used to read files. This can be exploited to read arbitrary files via directory traversal sequences.
3) Certain input passed via SOAP messages to the WebNavigator component is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
4) An error within the ActiveX control can be exploited to disclose the username and password of an authenticated user.
SOLUTION: Apply Update 3.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: The vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive Technologies.
ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201209-0224", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "6.0" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "5.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.0" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "wincc", "version": "6.0" }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "7.0 sp3" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "wincc", "version": "7.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "6.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.x" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "77.x" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "wincc", "version": "5.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "wincc", "version": "*" } ], "sources": [ { "db": "IVD", "id": "5dd0e308-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5088" }, { "db": "CNVD", "id": "CNVD-2012-5084" }, { "db": "JVNDB", "id": "JVNDB-2012-004448" }, { "db": "CNNVD", "id": "CNNVD-201209-294" }, { "db": "NVD", "id": "CVE-2012-3031" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-004448" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Pavel Toporkov,Denis Baranov Sergey Bobrov, Artem Chaykin,Timur Yunusov from Positive Technologies, Vladimir Kochetkov", "sources": [ { "db": "CNNVD", "id": "CNNVD-201209-294" } ], "trust": 0.6 }, "cve": "CVE-2012-3031", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CVE-2012-3031", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CNVD-2012-5088", "impactScore": 7.8, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "5dd0e308-2353-11e6-abef-000c29c66e3d", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "VHN-56312", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2012-3031", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2012-3031", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2012-5088", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201209-294", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "5dd0e308-2353-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-56312", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "5dd0e308-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5088" }, { "db": "VULHUB", "id": "VHN-56312" }, { "db": "JVNDB", "id": "JVNDB-2012-004448" }, { "db": "CNNVD", "id": "CNNVD-201209-294" }, { "db": "NVD", "id": "CVE-2012-3031" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow remote attackers to inject arbitrary web script or HTML via a (1) GET parameter, (2) POST parameter, or (3) Referer HTTP header. Siemens SIMATIC PCS7 And used in other products Siemens WinCC of WebNavigator Contains a cross-site scripting vulnerability.By any third party, any Web Script or HTML May be inserted. (1) GET Parameters (2) POST Parameters (3) Referer HTTP header. A cross-site request forgery vulnerability exists in Siemens SIMATIC WinCC that allows an attacker to build a malicious web page, trick the user into parsing, and perform malicious actions in the target user context. Siemens SIMATIC is an automation software in a single engineering environment. Part of the input passed to the WebNavigator component lacks filtering before returning to the user, and can be exploited for cross-site scripting attacks to obtain sensitive information or hijack user sessions. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. \nThe attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. \nThe attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. \nAn attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nSiemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications. \n\nThe application allows users to perform certain actions via HTTP\nrequests without performing proper validity checks to verify the\nrequests. This can be exploited to perform certain unspecified\nactions when a logged-in administrative user visits a specially\ncrafted web page. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50568\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50568/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nRELEASE DATE:\n2012-09-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50568/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50568/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Siemens SIMATIC WinCC,\nwhich can be exploited by malicious people to conduct cross-site\nscripting attacks, conduct SQL injection attacks, and disclose\ncertain sensitive information. \n\n2) Certain input passed to the WebNavigator component is not properly\nverified before being used to read files. This can be exploited to\nread arbitrary files via directory traversal sequences. \n\n3) Certain input passed via SOAP messages to the WebNavigator\ncomponent is not properly sanitised before being used in SQL queries. \nThis can be exploited to manipulate SQL queries by injecting arbitrary\nSQL code. \n\n4) An error within the ActiveX control can be exploited to disclose\nthe username and password of an authenticated user. \n\nSOLUTION:\nApply Update 3. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin,\nVladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive\nTechnologies. \n\nORIGINAL ADVISORY:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2012-3031" }, { "db": "JVNDB", "id": "JVNDB-2012-004448" }, { "db": "CNVD", "id": "CNVD-2012-5088" }, { "db": "CNVD", "id": "CNVD-2012-5084" }, { "db": "BID", "id": "55492" }, { "db": "IVD", "id": "5dd0e308-2353-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-56312" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" } ], "trust": 3.42 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-3031", "trust": 4.2 }, { "db": "SIEMENS", "id": "SSA-864051", "trust": 2.5 }, { "db": "ICS CERT", "id": "ICSA-12-256-01", "trust": 1.9 }, { "db": "CNNVD", "id": "CNNVD-201209-294", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2012-5084", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2012-004448", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2012-5088", "trust": 0.6 }, { "db": "NSFOCUS", "id": "47149", "trust": 0.6 }, { "db": "BID", "id": "55492", "trust": 0.3 }, { "db": "IVD", "id": "5DD0E308-2353-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "SECUNIA", "id": "50581", "trust": 0.2 }, { "db": "SECUNIA", "id": "50568", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-56312", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "116445", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "116447", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "5dd0e308-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5088" }, { "db": "CNVD", "id": "CNVD-2012-5084" }, { "db": "VULHUB", "id": "VHN-56312" }, { "db": "BID", "id": "55492" }, { "db": "JVNDB", "id": "JVNDB-2012-004448" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" }, { "db": "CNNVD", "id": "CNNVD-201209-294" }, { "db": "NVD", "id": "CVE-2012-3031" } ] }, "id": "VAR-201209-0224", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "5dd0e308-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5088" }, { "db": "CNVD", "id": "CNVD-2012-5084" }, { "db": "VULHUB", "id": "VHN-56312" } ], "trust": 2.1048571666666667 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 1.4 } ], "sources": [ { "db": "IVD", "id": "5dd0e308-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5088" }, { "db": "CNVD", "id": "CNVD-2012-5084" } ] }, "last_update_date": "2024-11-23T21:46:02.506000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "http://www.siemens.com/" }, { "title": "SSA-864051: Multiple Vulnerabilities in WinCC 7.0 SP3", "trust": 0.8, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc", "trust": 0.8, "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e", "trust": 0.8, "url": "http://www.siemens.com/entry/jp/ja/" }, { "title": "Patch for Siemens SIMATIC WinCC Cross-Site Request Forgery Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/80787" }, { "title": "Patch for Siemens SIMATIC WinCC Cross-Site Scripting Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/22132" }, { "title": "WinCC_V70_SP3_Upd4", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44861" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-5088" }, { "db": "CNVD", "id": "CNVD-2012-5084" }, { "db": "JVNDB", "id": "JVNDB-2012-004448" }, { "db": "CNNVD", "id": "CNNVD-201209-294" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-79", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-56312" }, { "db": "JVNDB", "id": "JVNDB-2012-004448" }, { "db": "NVD", "id": "CVE-2012-3031" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.9, "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-256-01.pdf" }, { "trust": 1.3, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf" }, { "trust": 1.1, "url": "http://en.securitylab.ru/lab/pt-2012-42" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3031" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3031" }, { "trust": 0.6, "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-864051.pdf" }, { "trust": 0.6, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdfhttp" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/47149" }, { "trust": 0.3, "url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.2, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.2, "url": "http://secunia.com/blog/325/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50581" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50581/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50581/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50568/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50568/#comments" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-5088" }, { "db": "CNVD", "id": "CNVD-2012-5084" }, { "db": "VULHUB", "id": "VHN-56312" }, { "db": "BID", "id": "55492" }, { "db": "JVNDB", "id": "JVNDB-2012-004448" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" }, { "db": "CNNVD", "id": "CNNVD-201209-294" }, { "db": "NVD", "id": "CVE-2012-3031" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "5dd0e308-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5088" }, { "db": "CNVD", "id": "CNVD-2012-5084" }, { "db": "VULHUB", "id": "VHN-56312" }, { "db": "BID", "id": "55492" }, { "db": "JVNDB", "id": "JVNDB-2012-004448" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" }, { "db": "CNNVD", "id": "CNNVD-201209-294" }, { "db": "NVD", "id": "CVE-2012-3031" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-09-13T00:00:00", "db": "IVD", "id": "5dd0e308-2353-11e6-abef-000c29c66e3d" }, { "date": "2012-09-13T00:00:00", "db": "CNVD", "id": "CNVD-2012-5088" }, { "date": "2012-09-13T00:00:00", "db": "CNVD", "id": "CNVD-2012-5084" }, { "date": "2012-09-18T00:00:00", "db": "VULHUB", "id": "VHN-56312" }, { "date": "2012-09-11T00:00:00", "db": "BID", "id": "55492" }, { "date": "2012-09-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-004448" }, { "date": "2012-09-11T07:30:00", "db": "PACKETSTORM", "id": "116445" }, { "date": "2012-09-11T07:30:06", "db": "PACKETSTORM", "id": "116447" }, { "date": "2012-09-18T00:00:00", "db": "CNNVD", "id": "CNNVD-201209-294" }, { "date": "2012-09-18T14:55:01.490000", "db": "NVD", "id": "CVE-2012-3031" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-08-26T00:00:00", "db": "CNVD", "id": "CNVD-2012-5088" }, { "date": "2012-09-13T00:00:00", "db": "CNVD", "id": "CNVD-2012-5084" }, { "date": "2012-09-19T00:00:00", "db": "VULHUB", "id": "VHN-56312" }, { "date": "2012-09-12T22:50:00", "db": "BID", "id": "55492" }, { "date": "2012-09-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-004448" }, { "date": "2020-07-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201209-294" }, { "date": "2024-11-21T01:40:09.087000", "db": "NVD", "id": "CVE-2012-3031" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201209-294" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC WinCC Cross-Site Scripting Vulnerability", "sources": [ { "db": "IVD", "id": "5dd0e308-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5084" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "XSS", "sources": [ { "db": "CNNVD", "id": "CNNVD-201209-294" } ], "trust": 0.6 } }
var-201407-0604
Vulnerability from variot
The database server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a request to TCP port 1433. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A remote privilege elevation vulnerability exists in Siemens' product database servers, which can be exploited by remote attackers to escalate privileges and perform unauthorized actions. SIMATIC WinCC and PCS7 are prone to a remote privilege-escalation vulnerability. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. A security vulnerability exists in the database server of versions prior to Siemens SIMATIC WinCC 7.3 used by PCS7 and other products
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201407-0604", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": null, "scope": "eq", "trust": 2.4, "vendor": "wincc", "version": "6.0" }, { "model": null, "scope": "eq", "trust": 2.4, "vendor": "wincc", "version": "7.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "6.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.1" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.4, "vendor": "siemens", "version": "7.3" }, { "model": null, "scope": "eq", "trust": 1.2, "vendor": "wincc", "version": "5.0" }, { "model": null, "scope": "eq", "trust": 1.2, "vendor": "wincc", "version": "7.1" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic pcs7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.0" }, { "model": "simatic pcs 7", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic pcs7", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic pcs7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic pcs7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "wincc", "version": "*" }, { "model": "pcs7", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "8.1" }, { "model": "wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "6.2" } ], "sources": [ { "db": "IVD", "id": "7d7feb11-463f-11e9-a766-000c29342cb1" }, { "db": "IVD", "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "2ce952e5-3809-407f-81cb-08454c69b74b" }, { "db": "CNVD", "id": "CNVD-2014-04663" }, { "db": "BID", "id": "68880" }, { "db": "JVNDB", "id": "JVNDB-2014-003567" }, { "db": "CNNVD", "id": "CNNVD-201407-604" }, { "db": "NVD", "id": "CVE-2014-4684" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-003567" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The vendor reported this issue.", "sources": [ { "db": "BID", "id": "68880" } ], "trust": 0.3 }, "cve": "CVE-2014-4684", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 6.8, "id": "CVE-2014-4684", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 6.8, "id": "CNVD-2014-04663", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 6.8, "id": "7d7feb11-463f-11e9-a766-000c29342cb1", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 6.8, "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 6.8, "id": "2ce952e5-3809-407f-81cb-08454c69b74b", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 6.8, "id": "VHN-72625", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:S/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2014-4684", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2014-4684", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2014-04663", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201407-604", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "7d7feb11-463f-11e9-a766-000c29342cb1", "trust": 0.2, "value": "MEDIUM" }, { "author": "IVD", "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "IVD", "id": "2ce952e5-3809-407f-81cb-08454c69b74b", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-72625", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "7d7feb11-463f-11e9-a766-000c29342cb1" }, { "db": "IVD", "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "2ce952e5-3809-407f-81cb-08454c69b74b" }, { "db": "CNVD", "id": "CNVD-2014-04663" }, { "db": "VULHUB", "id": "VHN-72625" }, { "db": "JVNDB", "id": "JVNDB-2014-003567" }, { "db": "CNNVD", "id": "CNNVD-201407-604" }, { "db": "NVD", "id": "CVE-2014-4684" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The database server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a request to TCP port 1433. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A remote privilege elevation vulnerability exists in Siemens\u0027 product database servers, which can be exploited by remote attackers to escalate privileges and perform unauthorized actions. SIMATIC WinCC and PCS7 are prone to a remote privilege-escalation vulnerability. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. A security vulnerability exists in the database server of versions prior to Siemens SIMATIC WinCC 7.3 used by PCS7 and other products", "sources": [ { "db": "NVD", "id": "CVE-2014-4684" }, { "db": "JVNDB", "id": "JVNDB-2014-003567" }, { "db": "CNVD", "id": "CNVD-2014-04663" }, { "db": "BID", "id": "68880" }, { "db": "IVD", "id": "7d7feb11-463f-11e9-a766-000c29342cb1" }, { "db": "IVD", "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "2ce952e5-3809-407f-81cb-08454c69b74b" }, { "db": "VULHUB", "id": "VHN-72625" } ], "trust": 3.06 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-4684", "trust": 4.1 }, { "db": "SIEMENS", "id": "SSA-214365", "trust": 2.3 }, { "db": "CNNVD", "id": "CNNVD-201407-604", "trust": 1.3 }, { "db": "CNVD", "id": "CNVD-2014-04663", "trust": 1.2 }, { "db": "BID", "id": "68880", "trust": 1.0 }, { "db": "ICS CERT", "id": "ICSA-14-205-02", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2014-003567", "trust": 0.8 }, { "db": "SECUNIA", "id": "60392", "trust": 0.6 }, { "db": "SECUNIA", "id": "60388", "trust": 0.6 }, { "db": "IVD", "id": "7D7FEB11-463F-11E9-A766-000C29342CB1", "trust": 0.2 }, { "db": "IVD", "id": "E2D4CC60-2351-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "IVD", "id": "2CE952E5-3809-407F-81CB-08454C69B74B", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-72625", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "127660", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "7d7feb11-463f-11e9-a766-000c29342cb1" }, { "db": "IVD", "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "2ce952e5-3809-407f-81cb-08454c69b74b" }, { "db": "CNVD", "id": "CNVD-2014-04663" }, { "db": "VULHUB", "id": "VHN-72625" }, { "db": "BID", "id": "68880" }, { "db": "JVNDB", "id": "JVNDB-2014-003567" }, { "db": "PACKETSTORM", "id": "127660" }, { "db": "CNNVD", "id": "CNNVD-201407-604" }, { "db": "NVD", "id": "CVE-2014-4684" } ] }, "id": "VAR-201407-0604", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "7d7feb11-463f-11e9-a766-000c29342cb1" }, { "db": "IVD", "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "2ce952e5-3809-407f-81cb-08454c69b74b" }, { "db": "CNVD", "id": "CNVD-2014-04663" }, { "db": "VULHUB", "id": "VHN-72625" } ], "trust": 2.003642875 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 1.2 } ], "sources": [ { "db": "IVD", "id": "7d7feb11-463f-11e9-a766-000c29342cb1" }, { "db": "IVD", "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "2ce952e5-3809-407f-81cb-08454c69b74b" }, { "db": "CNVD", "id": "CNVD-2014-04663" } ] }, "last_update_date": "2024-11-23T22:31:17.726000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-214365", "trust": 0.8, "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf" }, { "title": "Siemens product database server remote privilege escalation vulnerability patch", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/47900" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-04663" }, { "db": "JVNDB", "id": "JVNDB-2014-003567" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-264", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-72625" }, { "db": "JVNDB", "id": "JVNDB-2014-003567" }, { "db": "NVD", "id": "CVE-2014-4684" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf" }, { "trust": 1.4, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4684" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4684" }, { "trust": 0.8, "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-205-02" }, { "trust": 0.6, "url": "http://secunia.com/advisories/60388" }, { "trust": 0.6, "url": "http://secunia.com/advisories/60392" }, { "trust": 0.3, "url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4684" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4683" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4685" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4686" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4682" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-04663" }, { "db": "VULHUB", "id": "VHN-72625" }, { "db": "BID", "id": "68880" }, { "db": "JVNDB", "id": "JVNDB-2014-003567" }, { "db": "PACKETSTORM", "id": "127660" }, { "db": "CNNVD", "id": "CNNVD-201407-604" }, { "db": "NVD", "id": "CVE-2014-4684" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "7d7feb11-463f-11e9-a766-000c29342cb1" }, { "db": "IVD", "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "2ce952e5-3809-407f-81cb-08454c69b74b" }, { "db": "CNVD", "id": "CNVD-2014-04663" }, { "db": "VULHUB", "id": "VHN-72625" }, { "db": "BID", "id": "68880" }, { "db": "JVNDB", "id": "JVNDB-2014-003567" }, { "db": "PACKETSTORM", "id": "127660" }, { "db": "CNNVD", "id": "CNNVD-201407-604" }, { "db": "NVD", "id": "CVE-2014-4684" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-07-28T00:00:00", "db": "IVD", "id": "7d7feb11-463f-11e9-a766-000c29342cb1" }, { "date": "2014-07-28T00:00:00", "db": "IVD", "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d" }, { "date": "2014-07-28T00:00:00", "db": "IVD", "id": "2ce952e5-3809-407f-81cb-08454c69b74b" }, { "date": "2014-07-28T00:00:00", "db": "CNVD", "id": "CNVD-2014-04663" }, { "date": "2014-07-24T00:00:00", "db": "VULHUB", "id": "VHN-72625" }, { "date": "2014-07-23T00:00:00", "db": "BID", "id": "68880" }, { "date": "2014-07-28T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-003567" }, { "date": "2014-07-29T22:37:22", "db": "PACKETSTORM", "id": "127660" }, { "date": "2014-07-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201407-604" }, { "date": "2014-07-24T14:55:08.097000", "db": "NVD", "id": "CVE-2014-4684" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-07-28T00:00:00", "db": "CNVD", "id": "CNVD-2014-04663" }, { "date": "2014-07-25T00:00:00", "db": "VULHUB", "id": "VHN-72625" }, { "date": "2014-10-08T06:59:00", "db": "BID", "id": "68880" }, { "date": "2014-08-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-003567" }, { "date": "2014-07-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201407-604" }, { "date": "2024-11-21T02:10:41.950000", "db": "NVD", "id": "CVE-2014-4684" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201407-604" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC PCS 7 Used in products such as SIMATIC WinCC of Vulnerability that can be obtained privilege in the database server", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-003567" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Permission permission and access control", "sources": [ { "db": "IVD", "id": "7d7feb11-463f-11e9-a766-000c29342cb1" }, { "db": "IVD", "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "2ce952e5-3809-407f-81cb-08454c69b74b" } ], "trust": 0.6 } }
var-202306-0974
Vulnerability from variot
A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC (All versions < V8.0), SINAUT Software ST7sc (All versions). Before SIMATIC WinCC V8, legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access), and OPC AE (Alarms & Events)) were used per default. These services were designed on top of the Windows ActiveX and DCOM mechanisms and do not implement state-of-the-art security mechanisms for authentication and encryption of contents. simatic net pc software , SIMATIC PCS 7 , SIMATIC WinCC Unspecified vulnerabilities exist in multiple Siemens products.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202306-0974", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic net pc software", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "simatic net pc software", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "sinaut st7sc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic net pc software", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "sinaut st7sc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-014286" }, { "db": "NVD", "id": "CVE-2023-28829" } ] }, "cve": "CVE-2023-28829", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2023-28829", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "HIGH", "attackVector": "ADJACENT", "author": "productcert@siemens.com", "availabilityImpact": "LOW", "baseScore": 3.9, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "exploitabilityScore": 0.5, "id": "CVE-2023-28829", "impactScore": 3.4, "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2023-28829", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2023-28829", "trust": 1.0, "value": "HIGH" }, { "author": "productcert@siemens.com", "id": "CVE-2023-28829", "trust": 1.0, "value": "LOW" }, { "author": "NVD", "id": "CVE-2023-28829", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-202306-882", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-014286" }, { "db": "CNNVD", "id": "CNNVD-202306-882" }, { "db": "NVD", "id": "CVE-2023-28829" }, { "db": "NVD", "id": "CVE-2023-28829" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC (All versions \u003c V8.0), SINAUT Software ST7sc (All versions). Before SIMATIC WinCC V8, legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access), and OPC AE (Alarms \u0026 Events)) were used per default. These\r\nservices were designed on top of the Windows ActiveX and DCOM mechanisms and do not implement state-of-the-art security mechanisms for authentication and encryption of contents. simatic net pc software , SIMATIC PCS 7 , SIMATIC WinCC Unspecified vulnerabilities exist in multiple Siemens products.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state", "sources": [ { "db": "NVD", "id": "CVE-2023-28829" }, { "db": "JVNDB", "id": "JVNDB-2023-014286" }, { "db": "VULMON", "id": "CVE-2023-28829" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-28829", "trust": 3.3 }, { "db": "SIEMENS", "id": "SSA-508677", "trust": 2.5 }, { "db": "JVN", "id": "JVNVU99464755", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-23-166-05", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2023-014286", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202306-882", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2023-28829", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-28829" }, { "db": "JVNDB", "id": "JVNDB-2023-014286" }, { "db": "CNNVD", "id": "CNNVD-202306-882" }, { "db": "NVD", "id": "CVE-2023-28829" } ] }, "id": "VAR-202306-0974", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.619477415 }, "last_update_date": "2024-08-14T12:54:22.598000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Siemens SIMATIC PCS 7 Security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=244458" } ], "sources": [ { "db": "CNNVD", "id": "CNNVD-202306-882" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "CWE-477", "trust": 1.0 }, { "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-014286" }, { "db": "NVD", "id": "CVE-2023-28829" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu99464755/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-28829" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-05" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2023-28829/" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-28829" }, { "db": "JVNDB", "id": "JVNDB-2023-014286" }, { "db": "CNNVD", "id": "CNNVD-202306-882" }, { "db": "NVD", "id": "CVE-2023-28829" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2023-28829" }, { "db": "JVNDB", "id": "JVNDB-2023-014286" }, { "db": "CNNVD", "id": "CNNVD-202306-882" }, { "db": "NVD", "id": "CVE-2023-28829" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-06-13T00:00:00", "db": "VULMON", "id": "CVE-2023-28829" }, { "date": "2023-12-22T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-014286" }, { "date": "2023-06-13T00:00:00", "db": "CNNVD", "id": "CNNVD-202306-882" }, { "date": "2023-06-13T09:15:16.707000", "db": "NVD", "id": "CVE-2023-28829" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-06-13T00:00:00", "db": "VULMON", "id": "CVE-2023-28829" }, { "date": "2023-12-22T08:15:00", "db": "JVNDB", "id": "JVNDB-2023-014286" }, { "date": "2023-07-06T00:00:00", "db": "CNNVD", "id": "CNNVD-202306-882" }, { "date": "2023-07-05T17:36:45.750000", "db": "NVD", "id": "CVE-2023-28829" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202306-882" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vulnerabilities in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-014286" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202306-882" } ], "trust": 0.6 } }
var-202306-1109
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions < V5.7 SP1 HF1), SIMATIC S7-PM (All versions < V5.7 SP2 HF1), SIMATIC STEP 7 V5 (All versions < V5.7). The affected product contains a database management system that could allow remote users with low privileges to use embedded functions of the database (local or in a network share) that have impact on the server.
An attacker with network access to the server network could leverage these embedded functions to run code with elevated privileges in the database management system's server
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202306-1109", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-pm", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic step 7", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.7" } ], "sources": [ { "db": "NVD", "id": "CVE-2023-25910" } ] }, "cve": "CVE-2023-25910", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2023-25910", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "productcert@siemens.com", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "id": "CVE-2023-25910", "impactScore": 6.0, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2023-25910", "trust": 1.0, "value": "HIGH" }, { "author": "productcert@siemens.com", "id": "CVE-2023-25910", "trust": 1.0, "value": "CRITICAL" }, { "author": "CNNVD", "id": "CNNVD-202306-934", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNNVD", "id": "CNNVD-202306-934" }, { "db": "NVD", "id": "CVE-2023-25910" }, { "db": "NVD", "id": "CVE-2023-25910" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 (All versions \u003c V9.1 SP2 UC04), SIMATIC S7-PM (All versions \u003c V5.7 SP1 HF1), SIMATIC S7-PM (All versions \u003c V5.7 SP2 HF1), SIMATIC STEP 7 V5 (All versions \u003c V5.7). The affected product contains a database management system that could allow remote users with low privileges to use embedded functions of the database (local or in a network share) that have impact on the server. \r\n\r\nAn attacker with network access to the server network could leverage these embedded functions to run code with elevated privileges in the database management system\u0027s server", "sources": [ { "db": "NVD", "id": "CVE-2023-25910" }, { "db": "VULMON", "id": "CVE-2023-25910" } ], "trust": 0.99 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "SIEMENS", "id": "SSA-968170", "trust": 1.7 }, { "db": "NVD", "id": "CVE-2023-25910", "trust": 1.7 }, { "db": "CNNVD", "id": "CNNVD-202306-934", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2023-25910", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-25910" }, { "db": "CNNVD", "id": "CNNVD-202306-934" }, { "db": "NVD", "id": "CVE-2023-25910" } ] }, "id": "VAR-202306-1109", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.6282519 }, "last_update_date": "2024-08-14T14:49:01.993000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Siemens SIMATIC PCS 7 Fixes for code injection vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=242374" } ], "sources": [ { "db": "CNNVD", "id": "CNNVD-202306-934" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-94", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2023-25910" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-968170.pdf" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-968170.html" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2023-25910/" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULMON", "id": "CVE-2023-25910" }, { "db": "CNNVD", "id": "CNNVD-202306-934" }, { "db": "NVD", "id": "CVE-2023-25910" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2023-25910" }, { "db": "CNNVD", "id": "CNNVD-202306-934" }, { "db": "NVD", "id": "CVE-2023-25910" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-06-13T00:00:00", "db": "VULMON", "id": "CVE-2023-25910" }, { "date": "2023-06-13T00:00:00", "db": "CNNVD", "id": "CNNVD-202306-934" }, { "date": "2023-06-13T09:15:16.280000", "db": "NVD", "id": "CVE-2023-25910" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-06-13T00:00:00", "db": "VULMON", "id": "CVE-2023-25910" }, { "date": "2023-06-21T00:00:00", "db": "CNNVD", "id": "CNNVD-202306-934" }, { "date": "2024-05-14T16:15:28.993000", "db": "NVD", "id": "CVE-2023-25910" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202306-934" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC PCS 7 Code injection vulnerability", "sources": [ { "db": "CNNVD", "id": "CNNVD-202306-934" } ], "trust": 0.6 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code injection", "sources": [ { "db": "CNNVD", "id": "CNNVD-202306-934" } ], "trust": 0.6 } }
var-201209-0223
Vulnerability from variot
WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote attackers to read a (1) log file or (2) configuration file via a direct request. Siemens SIMATIC is an automation software in a single engineering environment. The Siemens SIMATIC WinCC WebNavigator component incorrectly handles input, allowing an attacker to read system files using a directory traversal sequence. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. The attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. The attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications.
The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to perform certain unspecified actions when a logged-in administrative user visits a specially crafted web page. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50568
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
RELEASE DATE: 2012-09-11
DISCUSS ADVISORY: http://secunia.com/advisories/50568/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50568/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, and disclose certain sensitive information.
1) Certain unspecified input passed to the WebNavigator component is not properly sanitised before being returned to the user.
3) Certain input passed via SOAP messages to the WebNavigator component is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
4) An error within the ActiveX control can be exploited to disclose the username and password of an authenticated user.
SOLUTION: Apply Update 3.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: The vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive Technologies.
ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201209-0223", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "6.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "5.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.0" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "wincc", "version": "6.0" }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "7.0 sp3" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "wincc", "version": "7.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.x" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "77.x" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "wincc", "version": "5.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "wincc", "version": "*" } ], "sources": [ { "db": "IVD", "id": "5dd6af86-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5083" }, { "db": "JVNDB", "id": "JVNDB-2012-004447" }, { "db": "CNNVD", "id": "CNNVD-201209-293" }, { "db": "NVD", "id": "CVE-2012-3030" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-004447" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Denis Baranov Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov,Timur Yunusov from Positive Technologies", "sources": [ { "db": "CNNVD", "id": "CNNVD-201209-293" } ], "trust": 0.6 }, "cve": "CVE-2012-3030", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2012-3030", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "5dd6af86-2353-11e6-abef-000c29c66e3d", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-56311", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2012-3030", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2012-3030", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-201209-293", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "5dd6af86-2353-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-56311", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "5dd6af86-2353-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-56311" }, { "db": "JVNDB", "id": "JVNDB-2012-004447" }, { "db": "CNNVD", "id": "CNNVD-201209-293" }, { "db": "NVD", "id": "CVE-2012-3030" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote attackers to read a (1) log file or (2) configuration file via a direct request. Siemens SIMATIC is an automation software in a single engineering environment. The Siemens SIMATIC WinCC WebNavigator component incorrectly handles input, allowing an attacker to read system files using a directory traversal sequence. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. \nThe attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. \nThe attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. \nAn attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nSiemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications. \n\nThe application allows users to perform certain actions via HTTP\nrequests without performing proper validity checks to verify the\nrequests. This can be exploited to perform certain unspecified\nactions when a logged-in administrative user visits a specially\ncrafted web page. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50568\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50568/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nRELEASE DATE:\n2012-09-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50568/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50568/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Siemens SIMATIC WinCC,\nwhich can be exploited by malicious people to conduct cross-site\nscripting attacks, conduct SQL injection attacks, and disclose\ncertain sensitive information. \n\n1) Certain unspecified input passed to the WebNavigator component is\nnot properly sanitised before being returned to the user. \n\n3) Certain input passed via SOAP messages to the WebNavigator\ncomponent is not properly sanitised before being used in SQL queries. \nThis can be exploited to manipulate SQL queries by injecting arbitrary\nSQL code. \n\n4) An error within the ActiveX control can be exploited to disclose\nthe username and password of an authenticated user. \n\nSOLUTION:\nApply Update 3. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin,\nVladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive\nTechnologies. \n\nORIGINAL ADVISORY:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2012-3030" }, { "db": "JVNDB", "id": "JVNDB-2012-004447" }, { "db": "CNVD", "id": "CNVD-2012-5083" }, { "db": "BID", "id": "55492" }, { "db": "IVD", "id": "5dd6af86-2353-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-56311" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" } ], "trust": 2.88 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-3030", "trust": 3.6 }, { "db": "SIEMENS", "id": "SSA-864051", "trust": 2.5 }, { "db": "ICS CERT", "id": "ICSA-12-256-01", "trust": 2.5 }, { "db": "CNNVD", "id": "CNNVD-201209-293", "trust": 0.9 }, { "db": "BID", "id": "55492", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2012-5083", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2012-004447", "trust": 0.8 }, { "db": "SECUNIA", "id": "50568", "trust": 0.8 }, { "db": "NSFOCUS", "id": "20651", "trust": 0.6 }, { "db": "NSFOCUS", "id": "20932", "trust": 0.6 }, { "db": "IVD", "id": "5DD6AF86-2353-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "SECUNIA", "id": "50581", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-56311", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "116445", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "116447", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "5dd6af86-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5083" }, { "db": "VULHUB", "id": "VHN-56311" }, { "db": "BID", "id": "55492" }, { "db": "JVNDB", "id": "JVNDB-2012-004447" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" }, { "db": "CNNVD", "id": "CNNVD-201209-293" }, { "db": "NVD", "id": "CVE-2012-3030" } ] }, "id": "VAR-201209-0223", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "5dd6af86-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5083" }, { "db": "VULHUB", "id": "VHN-56311" } ], "trust": 1.5048571666666666 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "5dd6af86-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5083" } ] }, "last_update_date": "2024-11-23T21:46:02.561000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "http://www.siemens.com/" }, { "title": "SSA-864051: Multiple Vulnerabilities in WinCC 7.0 SP3", "trust": 0.8, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc", "trust": 0.8, "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e", "trust": 0.8, "url": "http://www.siemens.com/entry/jp/ja/" }, { "title": "Patch for Siemens SIMATIC WinCC arbitrary file read vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/22131" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-5083" }, { "db": "JVNDB", "id": "JVNDB-2012-004447" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-264", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-56311" }, { "db": "JVNDB", "id": "JVNDB-2012-004447" }, { "db": "NVD", "id": "CVE-2012-3030" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-256-01.pdf" }, { "trust": 1.9, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf" }, { "trust": 1.7, "url": "http://en.securitylab.ru/lab/pt-2012-43" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3030" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3030" }, { "trust": 0.6, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdfhttp" }, { "trust": 0.6, "url": "http://secunia.com/advisories/50568" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/55492" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/20932" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/20651" }, { "trust": 0.3, "url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.2, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.2, "url": "http://secunia.com/blog/325/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50581" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50581/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50581/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50568/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50568/#comments" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-5083" }, { "db": "VULHUB", "id": "VHN-56311" }, { "db": "BID", "id": "55492" }, { "db": "JVNDB", "id": "JVNDB-2012-004447" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" }, { "db": "CNNVD", "id": "CNNVD-201209-293" }, { "db": "NVD", "id": "CVE-2012-3030" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "5dd6af86-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5083" }, { "db": "VULHUB", "id": "VHN-56311" }, { "db": "BID", "id": "55492" }, { "db": "JVNDB", "id": "JVNDB-2012-004447" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" }, { "db": "CNNVD", "id": "CNNVD-201209-293" }, { "db": "NVD", "id": "CVE-2012-3030" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-09-13T00:00:00", "db": "IVD", "id": "5dd6af86-2353-11e6-abef-000c29c66e3d" }, { "date": "2012-09-13T00:00:00", "db": "CNVD", "id": "CNVD-2012-5083" }, { "date": "2012-09-18T00:00:00", "db": "VULHUB", "id": "VHN-56311" }, { "date": "2012-09-11T00:00:00", "db": "BID", "id": "55492" }, { "date": "2012-09-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-004447" }, { "date": "2012-09-11T07:30:00", "db": "PACKETSTORM", "id": "116445" }, { "date": "2012-09-11T07:30:06", "db": "PACKETSTORM", "id": "116447" }, { "date": "2012-09-18T00:00:00", "db": "CNNVD", "id": "CNNVD-201209-293" }, { "date": "2012-09-18T14:55:01.443000", "db": "NVD", "id": "CVE-2012-3030" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-09-13T00:00:00", "db": "CNVD", "id": "CNVD-2012-5083" }, { "date": "2012-12-20T00:00:00", "db": "VULHUB", "id": "VHN-56311" }, { "date": "2012-09-12T22:50:00", "db": "BID", "id": "55492" }, { "date": "2012-09-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-004447" }, { "date": "2012-09-20T00:00:00", "db": "CNNVD", "id": "CNNVD-201209-293" }, { "date": "2024-11-21T01:40:08.963000", "db": "NVD", "id": "CVE-2012-3030" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201209-293" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC WinCC Arbitrary File Read Vulnerability", "sources": [ { "db": "IVD", "id": "5dd6af86-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5083" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "permissions and access control", "sources": [ { "db": "CNNVD", "id": "CNNVD-201209-293" } ], "trust": 0.6 } }
var-201209-0225
Vulnerability from variot
SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted SOAP message. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. The attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. The attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications.
The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to perform certain unspecified actions when a logged-in administrative user visits a specially crafted web page. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50568
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
RELEASE DATE: 2012-09-11
DISCUSS ADVISORY: http://secunia.com/advisories/50568/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50568/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, and disclose certain sensitive information.
1) Certain unspecified input passed to the WebNavigator component is not properly sanitised before being returned to the user.
2) Certain input passed to the WebNavigator component is not properly verified before being used to read files. This can be exploited to read arbitrary files via directory traversal sequences. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
4) An error within the ActiveX control can be exploited to disclose the username and password of an authenticated user.
SOLUTION: Apply Update 3.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: The vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive Technologies.
ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201209-0225", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "6.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "5.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.0" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "wincc", "version": "6.0" }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "7.0 sp3" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "wincc", "version": "7.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.x" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "77.x" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "wincc", "version": "5.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "wincc", "version": "*" } ], "sources": [ { "db": "IVD", "id": "5e1894b4-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5086" }, { "db": "JVNDB", "id": "JVNDB-2012-004449" }, { "db": "CNNVD", "id": "CNNVD-201209-295" }, { "db": "NVD", "id": "CVE-2012-3032" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-004449" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Denis Baranov Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov,Timur Yunusov from Positive Technologies", "sources": [ { "db": "CNNVD", "id": "CNNVD-201209-295" } ], "trust": 0.6 }, "cve": "CVE-2012-3032", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2012-3032", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "5e1894b4-2353-11e6-abef-000c29c66e3d", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-56313", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2012-3032", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2012-3032", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-201209-295", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "5e1894b4-2353-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-56313", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "5e1894b4-2353-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-56313" }, { "db": "JVNDB", "id": "JVNDB-2012-004449" }, { "db": "CNNVD", "id": "CNNVD-201209-295" }, { "db": "NVD", "id": "CVE-2012-3032" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted SOAP message. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. \nThe attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. \nThe attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. \nAn attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nSiemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications. \n\nThe application allows users to perform certain actions via HTTP\nrequests without performing proper validity checks to verify the\nrequests. This can be exploited to perform certain unspecified\nactions when a logged-in administrative user visits a specially\ncrafted web page. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50568\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50568/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nRELEASE DATE:\n2012-09-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50568/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50568/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Siemens SIMATIC WinCC,\nwhich can be exploited by malicious people to conduct cross-site\nscripting attacks, conduct SQL injection attacks, and disclose\ncertain sensitive information. \n\n1) Certain unspecified input passed to the WebNavigator component is\nnot properly sanitised before being returned to the user. \n\n2) Certain input passed to the WebNavigator component is not properly\nverified before being used to read files. This can be exploited to\nread arbitrary files via directory traversal sequences. \nThis can be exploited to manipulate SQL queries by injecting arbitrary\nSQL code. \n\n4) An error within the ActiveX control can be exploited to disclose\nthe username and password of an authenticated user. \n\nSOLUTION:\nApply Update 3. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin,\nVladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive\nTechnologies. \n\nORIGINAL ADVISORY:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2012-3032" }, { "db": "JVNDB", "id": "JVNDB-2012-004449" }, { "db": "CNVD", "id": "CNVD-2012-5086" }, { "db": "BID", "id": "55492" }, { "db": "IVD", "id": "5e1894b4-2353-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-56313" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" } ], "trust": 2.88 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-3032", "trust": 3.6 }, { "db": "SIEMENS", "id": "SSA-864051", "trust": 2.5 }, { "db": "ICS CERT", "id": "ICSA-12-256-01", "trust": 2.5 }, { "db": "CNNVD", "id": "CNNVD-201209-295", "trust": 0.9 }, { "db": "BID", "id": "55492", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2012-5086", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2012-004449", "trust": 0.8 }, { "db": "SECUNIA", "id": "50568", "trust": 0.8 }, { "db": "NSFOCUS", "id": "20935", "trust": 0.6 }, { "db": "NSFOCUS", "id": "20651", "trust": 0.6 }, { "db": "IVD", "id": "5E1894B4-2353-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "SECUNIA", "id": "50581", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-56313", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "116445", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "116447", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "5e1894b4-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5086" }, { "db": "VULHUB", "id": "VHN-56313" }, { "db": "BID", "id": "55492" }, { "db": "JVNDB", "id": "JVNDB-2012-004449" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" }, { "db": "CNNVD", "id": "CNNVD-201209-295" }, { "db": "NVD", "id": "CVE-2012-3032" } ] }, "id": "VAR-201209-0225", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "5e1894b4-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5086" }, { "db": "VULHUB", "id": "VHN-56313" } ], "trust": 1.5048571666666666 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "5e1894b4-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5086" } ] }, "last_update_date": "2024-11-23T21:46:02.671000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "http://www.siemens.com/" }, { "title": "SSA-864051: Multiple Vulnerabilities in WinCC 7.0 SP3", "trust": 0.8, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc", "trust": 0.8, "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e", "trust": 0.8, "url": "http://www.siemens.com/entry/jp/ja/" }, { "title": "Patch for Siemens SIMATIC WinCC SOAP SQL Injection Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/22133" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-5086" }, { "db": "JVNDB", "id": "JVNDB-2012-004449" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-89", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-56313" }, { "db": "JVNDB", "id": "JVNDB-2012-004449" }, { "db": "NVD", "id": "CVE-2012-3032" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-256-01.pdf" }, { "trust": 1.9, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf" }, { "trust": 1.7, "url": "http://en.securitylab.ru/lab/pt-2012-44" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3032" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3032" }, { "trust": 0.6, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdfhttp" }, { "trust": 0.6, "url": "http://secunia.com/advisories/50568" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/55492" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/20935" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/20651" }, { "trust": 0.3, "url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.2, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.2, "url": "http://secunia.com/blog/325/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50581" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50581/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50581/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50568/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50568/#comments" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-5086" }, { "db": "VULHUB", "id": "VHN-56313" }, { "db": "BID", "id": "55492" }, { "db": "JVNDB", "id": "JVNDB-2012-004449" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" }, { "db": "CNNVD", "id": "CNNVD-201209-295" }, { "db": "NVD", "id": "CVE-2012-3032" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "5e1894b4-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5086" }, { "db": "VULHUB", "id": "VHN-56313" }, { "db": "BID", "id": "55492" }, { "db": "JVNDB", "id": "JVNDB-2012-004449" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" }, { "db": "CNNVD", "id": "CNNVD-201209-295" }, { "db": "NVD", "id": "CVE-2012-3032" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-09-13T00:00:00", "db": "IVD", "id": "5e1894b4-2353-11e6-abef-000c29c66e3d" }, { "date": "2012-09-13T00:00:00", "db": "CNVD", "id": "CNVD-2012-5086" }, { "date": "2012-09-18T00:00:00", "db": "VULHUB", "id": "VHN-56313" }, { "date": "2012-09-11T00:00:00", "db": "BID", "id": "55492" }, { "date": "2012-09-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-004449" }, { "date": "2012-09-11T07:30:00", "db": "PACKETSTORM", "id": "116445" }, { "date": "2012-09-11T07:30:06", "db": "PACKETSTORM", "id": "116447" }, { "date": "2012-09-18T00:00:00", "db": "CNNVD", "id": "CNNVD-201209-295" }, { "date": "2012-09-18T14:55:01.537000", "db": "NVD", "id": "CVE-2012-3032" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-09-13T00:00:00", "db": "CNVD", "id": "CNVD-2012-5086" }, { "date": "2012-09-19T00:00:00", "db": "VULHUB", "id": "VHN-56313" }, { "date": "2012-09-12T22:50:00", "db": "BID", "id": "55492" }, { "date": "2012-09-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-004449" }, { "date": "2012-09-20T00:00:00", "db": "CNNVD", "id": "CNNVD-201209-295" }, { "date": "2024-11-21T01:40:09.207000", "db": "NVD", "id": "CVE-2012-3032" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201209-295" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens WinCC of WebNavigator In SQL Injection vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-004449" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "SQL injection", "sources": [ { "db": "IVD", "id": "5e1894b4-2353-11e6-abef-000c29c66e3d" }, { "db": "CNNVD", "id": "CNNVD-201209-295" } ], "trust": 0.8 } }
var-201407-0605
Vulnerability from variot
Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows local users to gain privileges by leveraging weak system-object access control. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A number of Siemens products have local privilege escalation vulnerabilities that allow an attacker to exploit vulnerabilities to escalate permissions on affected computers. Siemens SIMATIC WinCC and PCS 7 are prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges on affected computers. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. A security vulnerability exists in versions prior to Siemens SIMATIC WinCC 7.3 used by PCS7 and other products
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201407-0605", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": null, "scope": "eq", "trust": 2.4, "vendor": "wincc", "version": "6.0" }, { "model": null, "scope": "eq", "trust": 2.4, "vendor": "wincc", "version": "7.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "6.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.1" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.4, "vendor": "siemens", "version": "7.3" }, { "model": null, "scope": "eq", "trust": 1.2, "vendor": "wincc", "version": "5.0" }, { "model": null, "scope": "eq", "trust": 1.2, "vendor": "wincc", "version": "7.1" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": "simatic pcs7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.0" }, { "model": "simatic pcs 7", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic pcs7", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic pcs7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic pcs7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "wincc", "version": "*" }, { "model": "pcs7", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.2" } ], "sources": [ { "db": "IVD", "id": "7d76ea61-463f-11e9-a2da-000c29342cb1" }, { "db": "IVD", "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "d7eabc36-02a7-4430-8646-7d7359179ce3" }, { "db": "CNVD", "id": "CNVD-2014-04695" }, { "db": "JVNDB", "id": "JVNDB-2014-003568" }, { "db": "CNNVD", "id": "CNNVD-201407-605" }, { "db": "NVD", "id": "CVE-2014-4685" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-003568" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai\nfrom Positive Technologies", "sources": [ { "db": "BID", "id": "68872" } ], "trust": 0.3 }, "cve": "CVE-2014-4685", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "CVE-2014-4685", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2014-04695", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "7d76ea61-463f-11e9-a2da-000c29342cb1", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "d7eabc36-02a7-4430-8646-7d7359179ce3", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "VHN-72626", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2014-4685", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2014-4685", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2014-04695", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201407-605", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "7d76ea61-463f-11e9-a2da-000c29342cb1", "trust": 0.2, "value": "MEDIUM" }, { "author": "IVD", "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "IVD", "id": "d7eabc36-02a7-4430-8646-7d7359179ce3", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-72626", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "7d76ea61-463f-11e9-a2da-000c29342cb1" }, { "db": "IVD", "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "d7eabc36-02a7-4430-8646-7d7359179ce3" }, { "db": "CNVD", "id": "CNVD-2014-04695" }, { "db": "VULHUB", "id": "VHN-72626" }, { "db": "JVNDB", "id": "JVNDB-2014-003568" }, { "db": "CNNVD", "id": "CNNVD-201407-605" }, { "db": "NVD", "id": "CVE-2014-4685" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows local users to gain privileges by leveraging weak system-object access control. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A number of Siemens products have local privilege escalation vulnerabilities that allow an attacker to exploit vulnerabilities to escalate permissions on affected computers. Siemens SIMATIC WinCC and PCS 7 are prone to a local privilege-escalation vulnerability. \nAttackers can exploit this issue to gain elevated privileges on affected computers. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. A security vulnerability exists in versions prior to Siemens SIMATIC WinCC 7.3 used by PCS7 and other products", "sources": [ { "db": "NVD", "id": "CVE-2014-4685" }, { "db": "JVNDB", "id": "JVNDB-2014-003568" }, { "db": "CNVD", "id": "CNVD-2014-04695" }, { "db": "BID", "id": "68872" }, { "db": "IVD", "id": "7d76ea61-463f-11e9-a2da-000c29342cb1" }, { "db": "IVD", "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "d7eabc36-02a7-4430-8646-7d7359179ce3" }, { "db": "VULHUB", "id": "VHN-72626" } ], "trust": 3.06 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2014-4685", "trust": 4.1 }, { "db": "SIEMENS", "id": "SSA-214365", "trust": 2.0 }, { "db": "CNNVD", "id": "CNNVD-201407-605", "trust": 1.3 }, { "db": "CNVD", "id": "CNVD-2014-04695", "trust": 1.2 }, { "db": "ICS CERT", "id": "ICSA-14-205-02", "trust": 1.1 }, { "db": "BID", "id": "68872", "trust": 1.0 }, { "db": "JVNDB", "id": "JVNDB-2014-003568", "trust": 0.8 }, { "db": "SECUNIA", "id": "60392", "trust": 0.6 }, { "db": "SECUNIA", "id": "60388", "trust": 0.6 }, { "db": "IVD", "id": "7D76EA61-463F-11E9-A2DA-000C29342CB1", "trust": 0.2 }, { "db": "IVD", "id": "E2D14A5E-2351-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "IVD", "id": "D7EABC36-02A7-4430-8646-7D7359179CE3", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-72626", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "127660", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "7d76ea61-463f-11e9-a2da-000c29342cb1" }, { "db": "IVD", "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "d7eabc36-02a7-4430-8646-7d7359179ce3" }, { "db": "CNVD", "id": "CNVD-2014-04695" }, { "db": "VULHUB", "id": "VHN-72626" }, { "db": "BID", "id": "68872" }, { "db": "JVNDB", "id": "JVNDB-2014-003568" }, { "db": "PACKETSTORM", "id": "127660" }, { "db": "CNNVD", "id": "CNNVD-201407-605" }, { "db": "NVD", "id": "CVE-2014-4685" } ] }, "id": "VAR-201407-0605", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "7d76ea61-463f-11e9-a2da-000c29342cb1" }, { "db": "IVD", "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "d7eabc36-02a7-4430-8646-7d7359179ce3" }, { "db": "CNVD", "id": "CNVD-2014-04695" }, { "db": "VULHUB", "id": "VHN-72626" } ], "trust": 2.003642875 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 1.2 } ], "sources": [ { "db": "IVD", "id": "7d76ea61-463f-11e9-a2da-000c29342cb1" }, { "db": "IVD", "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "d7eabc36-02a7-4430-8646-7d7359179ce3" }, { "db": "CNVD", "id": "CNVD-2014-04695" } ] }, "last_update_date": "2024-11-23T22:31:17.778000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-214365", "trust": 0.8, "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf" }, { "title": "A patch for Siemens\u0027 local product privilege escalation vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/47934" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-04695" }, { "db": "JVNDB", "id": "JVNDB-2014-003568" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-264", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-72626" }, { "db": "JVNDB", "id": "JVNDB-2014-003568" }, { "db": "NVD", "id": "CVE-2014-4685" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf" }, { "trust": 1.1, "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-205-02" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4685" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4685" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/68872/info" }, { "trust": 0.6, "url": "http://secunia.com/advisories/60388" }, { "trust": 0.6, "url": "http://secunia.com/advisories/60392" }, { "trust": 0.3, "url": "http://www.siemens.com/" }, { "trust": 0.3, "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4684" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4683" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4685" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4686" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4682" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2014-04695" }, { "db": "VULHUB", "id": "VHN-72626" }, { "db": "BID", "id": "68872" }, { "db": "JVNDB", "id": "JVNDB-2014-003568" }, { "db": "PACKETSTORM", "id": "127660" }, { "db": "CNNVD", "id": "CNNVD-201407-605" }, { "db": "NVD", "id": "CVE-2014-4685" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "7d76ea61-463f-11e9-a2da-000c29342cb1" }, { "db": "IVD", "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "d7eabc36-02a7-4430-8646-7d7359179ce3" }, { "db": "CNVD", "id": "CNVD-2014-04695" }, { "db": "VULHUB", "id": "VHN-72626" }, { "db": "BID", "id": "68872" }, { "db": "JVNDB", "id": "JVNDB-2014-003568" }, { "db": "PACKETSTORM", "id": "127660" }, { "db": "CNNVD", "id": "CNNVD-201407-605" }, { "db": "NVD", "id": "CVE-2014-4685" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-07-30T00:00:00", "db": "IVD", "id": "7d76ea61-463f-11e9-a2da-000c29342cb1" }, { "date": "2014-07-30T00:00:00", "db": "IVD", "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d" }, { "date": "2014-07-30T00:00:00", "db": "IVD", "id": "d7eabc36-02a7-4430-8646-7d7359179ce3" }, { "date": "2014-07-29T00:00:00", "db": "CNVD", "id": "CNVD-2014-04695" }, { "date": "2014-07-24T00:00:00", "db": "VULHUB", "id": "VHN-72626" }, { "date": "2014-07-23T00:00:00", "db": "BID", "id": "68872" }, { "date": "2014-07-28T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-003568" }, { "date": "2014-07-29T22:37:22", "db": "PACKETSTORM", "id": "127660" }, { "date": "2014-07-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201407-605" }, { "date": "2014-07-24T14:55:08.143000", "db": "NVD", "id": "CVE-2014-4685" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2014-07-30T00:00:00", "db": "CNVD", "id": "CNVD-2014-04695" }, { "date": "2014-07-25T00:00:00", "db": "VULHUB", "id": "VHN-72626" }, { "date": "2015-03-19T09:46:00", "db": "BID", "id": "68872" }, { "date": "2014-08-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2014-003568" }, { "date": "2014-07-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201407-605" }, { "date": "2024-11-21T02:10:42.087000", "db": "NVD", "id": "CVE-2014-4685" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "BID", "id": "68872" }, { "db": "CNNVD", "id": "CNNVD-201407-605" } ], "trust": 0.9 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC PCS 7 Used in products such as SIMATIC WinCC Vulnerability gained in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2014-003568" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Permission permission and access control", "sources": [ { "db": "IVD", "id": "7d76ea61-463f-11e9-a2da-000c29342cb1" }, { "db": "IVD", "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "d7eabc36-02a7-4430-8646-7d7359179ce3" } ], "trust": 0.6 } }
var-201303-0256
Vulnerability from variot
Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to execute arbitrary code via a long parameter. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0256", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "6.0" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.1" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "5.0" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.4, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "wincc", "version": "6.0" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "wincc", "version": "7.0" }, { "model": "simatic pcs 7", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "8.0 sp1" }, { "model": "wincc", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs sp1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c8.0" }, { "model": "simatic pcs7", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "wincc", "version": "5.0" }, { "model": "simatic wincc siemens simatic pcs sp1", "scope": "lt", "trust": 0.2, "vendor": "siemens", "version": "7.27\u003c8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "wincc", "version": "*" } ], "sources": [ { "db": "IVD", "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02143" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "JVNDB", "id": "JVNDB-2013-001987" }, { "db": "CNNVD", "id": "CNNVD-201303-442" }, { "db": "NVD", "id": "CVE-2013-0674" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-001987" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies", "sources": [ { "db": "BID", "id": "58545" }, { "db": "CNNVD", "id": "CNNVD-201303-363" } ], "trust": 0.9 }, "cve": "CVE-2013-0674", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2013-0674", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CNVD-2013-02143", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2013-02175", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-60676", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2013-0674", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2013-0674", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2013-02143", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNVD", "id": "CNVD-2013-02175", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201303-442", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "IVD", "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-60676", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02143" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60676" }, { "db": "JVNDB", "id": "JVNDB-2013-001987" }, { "db": "CNNVD", "id": "CNNVD-201303-442" }, { "db": "NVD", "id": "CVE-2013-0674" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to execute arbitrary code via a long parameter. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Code. Multiple information-disclosure vulnerabilities\n2. A directory-traversal vulnerability\n3. Failed exploit attempts will result in a denial-of-service conditions", "sources": [ { "db": "NVD", "id": "CVE-2013-0674" }, { "db": "JVNDB", "id": "JVNDB-2013-001987" }, { "db": "CNVD", "id": "CNVD-2013-02143" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "BID", "id": "58545" }, { "db": "IVD", "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-60676" } ], "trust": 3.42 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2013-0674", "trust": 3.9 }, { "db": "ICS CERT", "id": "ICSA-13-079-02", "trust": 2.8 }, { "db": "SIEMENS", "id": "SSA-714398", "trust": 2.0 }, { "db": "BID", "id": "58545", "trust": 1.5 }, { "db": "CNNVD", "id": "CNNVD-201303-442", "trust": 1.1 }, { "db": "CNVD", "id": "CNVD-2013-02175", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2013-02143", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2013-001987", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201303-363", "trust": 0.6 }, { "db": "IVD", "id": "CB5589EC-1F2F-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "IVD", "id": "08E4D3E0-2353-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-60676", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "120899", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02143" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60676" }, { "db": "BID", "id": "58545" }, { "db": "JVNDB", "id": "JVNDB-2013-001987" }, { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-442" }, { "db": "NVD", "id": "CVE-2013-0674" } ] }, "id": "VAR-201303-0256", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02143" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60676" } ], "trust": 2.3048571666666664 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 1.6 } ], "sources": [ { "db": "IVD", "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02143" }, { "db": "CNVD", "id": "CNVD-2013-02175" } ] }, "last_update_date": "2024-11-23T21:45:48.644000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "http://www.siemens.com/entry/cc/en/" }, { "title": "SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1", "trust": 0.8, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc", "trust": 0.8, "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e", "trust": 0.8, "url": "http://www.siemens.com/answers/jp/ja/" }, { "title": "Patch for the Siemens WinCC RegReader ActiveX Control Buffer Overflow Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/32993" }, { "title": "Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/33002" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-02143" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "JVNDB", "id": "JVNDB-2013-001987" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-60676" }, { "db": "JVNDB", "id": "JVNDB-2013-001987" }, { "db": "NVD", "id": "CVE-2013-0674" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf" }, { "trust": 2.0, "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf" }, { "trust": 1.4, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0674" }, { "trust": 1.2, "url": "http://www.securityfocus.com/bid/58545" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0674" }, { "trust": 0.8, "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf" }, { "trust": 0.3, "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0677" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0674" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0678" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0676" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0679" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0675" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2013-02143" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60676" }, { "db": "BID", "id": "58545" }, { "db": "JVNDB", "id": "JVNDB-2013-001987" }, { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-442" }, { "db": "NVD", "id": "CVE-2013-0674" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02143" }, { "db": "CNVD", "id": "CNVD-2013-02175" }, { "db": "VULHUB", "id": "VHN-60676" }, { "db": "BID", "id": "58545" }, { "db": "JVNDB", "id": "JVNDB-2013-001987" }, { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-442" }, { "db": "NVD", "id": "CVE-2013-0674" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-03-26T00:00:00", "db": "IVD", "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d" }, { "date": "2013-03-26T00:00:00", "db": "IVD", "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d" }, { "date": "2013-03-26T00:00:00", "db": "CNVD", "id": "CNVD-2013-02143" }, { "date": "2013-03-26T00:00:00", "db": "CNVD", "id": "CNVD-2013-02175" }, { "date": "2013-03-21T00:00:00", "db": "VULHUB", "id": "VHN-60676" }, { "date": "2013-03-15T00:00:00", "db": "BID", "id": "58545" }, { "date": "2013-03-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-001987" }, { "date": "2013-03-21T15:07:17", "db": "PACKETSTORM", "id": "120899" }, { "date": "2013-03-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-363" }, { "date": "2013-03-22T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-442" }, { "date": "2013-03-21T15:55:01.533000", "db": "NVD", "id": "CVE-2013-0674" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-03-26T00:00:00", "db": "CNVD", "id": "CNVD-2013-02143" }, { "date": "2013-03-26T00:00:00", "db": "CNVD", "id": "CNVD-2013-02175" }, { "date": "2013-03-22T00:00:00", "db": "VULHUB", "id": "VHN-60676" }, { "date": "2013-04-02T15:37:00", "db": "BID", "id": "58545" }, { "date": "2013-03-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-001987" }, { "date": "2013-03-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-363" }, { "date": "2013-03-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201303-442" }, { "date": "2024-11-21T01:47:59.223000", "db": "NVD", "id": "CVE-2013-0674" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "120899" }, { "db": "CNNVD", "id": "CNNVD-201303-363" }, { "db": "CNNVD", "id": "CNNVD-201303-442" } ], "trust": 1.3 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens WinCC RegReader ActiveX Control Buffer Overflow Vulnerability", "sources": [ { "db": "IVD", "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2013-02143" }, { "db": "CNNVD", "id": "CNNVD-201303-442" } ], "trust": 1.4 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow", "sources": [ { "db": "IVD", "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d" }, { "db": "IVD", "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d" }, { "db": "CNNVD", "id": "CNNVD-201303-442" } ], "trust": 1.0 } }
var-201209-0222
Vulnerability from variot
Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data or cause a denial of service. (DoS) There is a possibility of being put into a state. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC WinCC is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. Siemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable.
The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to perform certain unspecified actions when a logged-in administrative user visits a specially crafted web page. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50568
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
RELEASE DATE: 2012-09-11
DISCUSS ADVISORY: http://secunia.com/advisories/50568/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50568/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50568
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, and disclose certain sensitive information.
1) Certain unspecified input passed to the WebNavigator component is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
2) Certain input passed to the WebNavigator component is not properly verified before being used to read files. This can be exploited to read arbitrary files via directory traversal sequences.
3) Certain input passed via SOAP messages to the WebNavigator component is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
4) An error within the ActiveX control can be exploited to disclose the username and password of an authenticated user.
SOLUTION: Apply Update 3.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: The vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive Technologies.
ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201209-0222", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "8.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "6.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "5.0" }, { "model": "wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.0" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "6.2" }, { "model": null, "scope": "eq", "trust": 0.8, "vendor": "wincc", "version": "6.0" }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "7.0 sp3" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "wincc", "version": "7.0" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "wincc", "version": "5.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "wincc", "version": "*" } ], "sources": [ { "db": "IVD", "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5088" }, { "db": "BID", "id": "55493" }, { "db": "JVNDB", "id": "JVNDB-2012-004446" }, { "db": "CNNVD", "id": "CNNVD-201209-303" }, { "db": "NVD", "id": "CVE-2012-3028" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-004446" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Denis Baranov, Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov, and Timur Yunusov from Positive Technologies", "sources": [ { "db": "BID", "id": "55493" }, { "db": "CNNVD", "id": "CNNVD-201209-303" } ], "trust": 0.9 }, "cve": "CVE-2012-3028", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2012-3028", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CNVD-2012-5088", "impactScore": 7.8, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d", "impactScore": 7.8, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-56309", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2012-3028", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2012-3028", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2012-5088", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201209-303", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-56309", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5088" }, { "db": "VULHUB", "id": "VHN-56309" }, { "db": "JVNDB", "id": "JVNDB-2012-004446" }, { "db": "CNNVD", "id": "CNNVD-201209-303" }, { "db": "NVD", "id": "CVE-2012-3028" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data or cause a denial of service. (DoS) There is a possibility of being put into a state. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC WinCC is prone to a cross-site request-forgery vulnerability. \nExploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. \nSiemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. \n\nThe application allows users to perform certain actions via HTTP\nrequests without performing proper validity checks to verify the\nrequests. This can be exploited to perform certain unspecified\nactions when a logged-in administrative user visits a specially\ncrafted web page. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50568\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50568/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nRELEASE DATE:\n2012-09-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50568/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50568/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Siemens SIMATIC WinCC,\nwhich can be exploited by malicious people to conduct cross-site\nscripting attacks, conduct SQL injection attacks, and disclose\ncertain sensitive information. \n\n1) Certain unspecified input passed to the WebNavigator component is\nnot properly sanitised before being returned to the user. This can be\nexploited to execute arbitrary HTML and script code in a user\u0027s\nbrowser session in context of an affected site. \n\n2) Certain input passed to the WebNavigator component is not properly\nverified before being used to read files. This can be exploited to\nread arbitrary files via directory traversal sequences. \n\n3) Certain input passed via SOAP messages to the WebNavigator\ncomponent is not properly sanitised before being used in SQL queries. \nThis can be exploited to manipulate SQL queries by injecting arbitrary\nSQL code. \n\n4) An error within the ActiveX control can be exploited to disclose\nthe username and password of an authenticated user. \n\nSOLUTION:\nApply Update 3. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin,\nVladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive\nTechnologies. \n\nORIGINAL ADVISORY:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2012-3028" }, { "db": "JVNDB", "id": "JVNDB-2012-004446" }, { "db": "CNVD", "id": "CNVD-2012-5088" }, { "db": "BID", "id": "55493" }, { "db": "IVD", "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d" }, { "db": "VULHUB", "id": "VHN-56309" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" } ], "trust": 2.88 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-3028", "trust": 3.6 }, { "db": "SIEMENS", "id": "SSA-864051", "trust": 2.8 }, { "db": "ICS CERT", "id": "ICSA-12-256-01", "trust": 2.5 }, { "db": "BID", "id": "55493", "trust": 1.0 }, { "db": "CNNVD", "id": "CNNVD-201209-303", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2012-5088", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2012-004446", "trust": 0.8 }, { "db": "SECUNIA", "id": "50581", "trust": 0.8 }, { "db": "NSFOCUS", "id": "20652", "trust": 0.6 }, { "db": "NSFOCUS", "id": "20933", "trust": 0.6 }, { "db": "IVD", "id": "5DDC3EC4-2353-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "SECUNIA", "id": "50568", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-56309", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "116445", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "116447", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5088" }, { "db": "VULHUB", "id": "VHN-56309" }, { "db": "BID", "id": "55493" }, { "db": "JVNDB", "id": "JVNDB-2012-004446" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" }, { "db": "CNNVD", "id": "CNNVD-201209-303" }, { "db": "NVD", "id": "CVE-2012-3028" } ] }, "id": "VAR-201209-0222", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5088" }, { "db": "VULHUB", "id": "VHN-56309" } ], "trust": 1.5048571666666666 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5088" } ] }, "last_update_date": "2024-11-23T21:46:02.455000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "http://www.siemens.com/" }, { "title": "SSA-864051: Multiple Vulnerabilities in WinCC 7.0 SP3", "trust": 0.8, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc", "trust": 0.8, "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx" }, { "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e", "trust": 0.8, "url": "http://www.siemens.com/entry/jp/ja/" }, { "title": "Patch for Siemens SIMATIC WinCC Cross-Site Request Forgery Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/80787" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-5088" }, { "db": "JVNDB", "id": "JVNDB-2012-004446" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-352", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-56309" }, { "db": "JVNDB", "id": "JVNDB-2012-004446" }, { "db": "NVD", "id": "CVE-2012-3028" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-256-01.pdf" }, { "trust": 2.2, "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf" }, { "trust": 1.7, "url": "http://en.securitylab.ru/lab/pt-2012-42" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3028" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3028" }, { "trust": 0.6, "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-864051.pdf" }, { "trust": 0.6, "url": "http://secunia.com/advisories/50581" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/55493" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/20933" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/20652" }, { "trust": 0.3, "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.2, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.2, "url": "http://secunia.com/blog/325/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50581" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50581/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50581/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50568/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50568/#comments" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2012-5088" }, { "db": "VULHUB", "id": "VHN-56309" }, { "db": "BID", "id": "55493" }, { "db": "JVNDB", "id": "JVNDB-2012-004446" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" }, { "db": "CNNVD", "id": "CNNVD-201209-303" }, { "db": "NVD", "id": "CVE-2012-3028" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5088" }, { "db": "VULHUB", "id": "VHN-56309" }, { "db": "BID", "id": "55493" }, { "db": "JVNDB", "id": "JVNDB-2012-004446" }, { "db": "PACKETSTORM", "id": "116445" }, { "db": "PACKETSTORM", "id": "116447" }, { "db": "CNNVD", "id": "CNNVD-201209-303" }, { "db": "NVD", "id": "CVE-2012-3028" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-09-13T00:00:00", "db": "IVD", "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d" }, { "date": "2012-09-13T00:00:00", "db": "CNVD", "id": "CNVD-2012-5088" }, { "date": "2012-09-18T00:00:00", "db": "VULHUB", "id": "VHN-56309" }, { "date": "2012-09-11T00:00:00", "db": "BID", "id": "55493" }, { "date": "2012-09-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-004446" }, { "date": "2012-09-11T07:30:00", "db": "PACKETSTORM", "id": "116445" }, { "date": "2012-09-11T07:30:06", "db": "PACKETSTORM", "id": "116447" }, { "date": "2012-09-18T00:00:00", "db": "CNNVD", "id": "CNNVD-201209-303" }, { "date": "2012-09-18T14:55:01.397000", "db": "NVD", "id": "CVE-2012-3028" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-08-26T00:00:00", "db": "CNVD", "id": "CNVD-2012-5088" }, { "date": "2012-09-19T00:00:00", "db": "VULHUB", "id": "VHN-56309" }, { "date": "2015-03-19T09:33:00", "db": "BID", "id": "55493" }, { "date": "2012-09-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-004446" }, { "date": "2012-09-18T00:00:00", "db": "CNNVD", "id": "CNNVD-201209-303" }, { "date": "2024-11-21T01:40:08.817000", "db": "NVD", "id": "CVE-2012-3028" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201209-303" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC WinCC Cross-Site Request Forgery Vulnerability", "sources": [ { "db": "IVD", "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2012-5088" }, { "db": "BID", "id": "55493" }, { "db": "CNNVD", "id": "CNNVD-201209-303" } ], "trust": 1.7 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "cross-site request forgery", "sources": [ { "db": "CNNVD", "id": "CNNVD-201209-303" } ], "trust": 0.6 } }
var-201705-3973
Vulnerability from variot
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC Automation Tool (All versions < V3.0), SIMATIC NET PC-Software (All versions < V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1), SIMATIC STEP 7 V5.X (All versions < V5.6), SIMATIC WinAC RTX 2010 SP2 (All versions), SIMATIC WinAC RTX F 2010 SP2 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1), SIMATIC WinCC V7.2 and prior (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Update 15), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd1), SIMATIC WinCC flexible 2008 (All versions < flexible 2008 SP5), SINAUT ST7CC (All versions installed in conjunction with SIMATIC WinCC < V7.3 Update 15), SINEMA Server (All versions < V14), SINUMERIK 808D Programming Tool (All versions < V4.7 SP4 HF2), SMART PC Access (All versions < V2.3), STEP 7 - Micro/WIN SMART (All versions < V2.3), Security Configuration Tool (SCT) (All versions < V5.0). Specially crafted PROFINET DCP broadcast packets sent to the affected products on a local Ethernet segment (Layer 2) could cause a Denial-of-Service condition of some services. The services require manual restart to recover. SIMATIC WinCC (TIA Portal), SIMATIC STEP 7, SMART PC Access, SIMATIC Automation Tool, etc. are all industrial automation products from Siemens AG. A number of Siemens industrial products have a denial of service vulnerability. Attackers can exploit this issue to crash the affected device, denying service to legitimate users. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201705-3973", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "smart pc access", "scope": "eq", "trust": 2.5, "vendor": "siemens", "version": "2.0" }, { "model": "simatic wincc", "scope": null, "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "14.0" }, { "model": "sinema server", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "13.0" }, { "model": "sinumerik 808d programming tool", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "sinaut st7cc", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc flexible 2008", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic step 7 micro\\/win smart", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic winac rtx 2010", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic automation tool", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "sinaut st7cc", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "sinumerik 808d programming tool", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic automation tool", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic step 7 \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic step 7 \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.0" }, { "model": "pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic winac rtx f 2010", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "primary setup tool", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic net pc-software", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic step 7 \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "13.0" }, { "model": "security configuration tool", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic wincc flexible", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "2008" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "0" }, { "model": "primary setup tool", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "security configuration tool", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic net pc software", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic step 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "v5.x" }, { "model": "simatic step 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic winac rtx 2010", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic winac rtx f 2010", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc flexible 2008", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinema server", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "smart pc access", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "step 7 - micro/win smart", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic step", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "75.x" }, { "model": "simatic winac rtx sp2 all", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "2010" }, { "model": "simatic winac rtx f sp2 all", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "2010" }, { "model": "security configuration tool all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "primary setup tool all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7" }, { "model": "simatic wincc professional sp2", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc professional sp1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v14" }, { "model": "simatic step sp2", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003cv13" }, { "model": "simatic step sp1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003cv14" }, { "model": "step micro win smart", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7-/" }, { "model": "simatic net pc-software", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinumerik 808d programming tool", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinema server sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "sinema server sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12.0" }, { "model": "sinema server", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12.0-" }, { "model": "sinema server", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinaut st7cc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc flexible sp3 up7", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2008" }, { "model": "simatic wincc flexible sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2008" }, { "model": "simatic wincc flexible sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2008" }, { "model": "simatic wincc basic", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v13" }, { "model": "simatic winac rtx f sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2010" }, { "model": "simatic winac rtx sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2010" }, { "model": "simatic step tia portal", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7v14" }, { "model": "simatic step tia portal sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7v13" }, { "model": "simatic step tia portal", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7v13" }, { "model": "simatic step sp4 hf4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp3 hf10", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp3", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp2 hf7", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp1 hf2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic pcs sp4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77" }, { "model": "simatic net pc-software", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic net pc-software sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc-software hf1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc-software", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc-software sp2 hf3", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic net pc-software", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic automation tool", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1.0.2" }, { "model": "simatic automation tool", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1.0" }, { "model": "security configuration tool", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "primary setup tool", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "micro/win", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc sp1", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic step tia portal sp1", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "714" }, { "model": "simatic step tia portal sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "713" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "pcs 7", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "primary setup tool", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "security configuration tool", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic automation tool", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic net pc", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic step 7 tia portal", "version": "5.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic step 7 tia portal", "version": "13.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic step 7 tia portal", "version": "14.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic step 7 micro win smart", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic winac rtx 2010", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic winac rtx f 2010", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "13.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "14.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc flexible 2008", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinaut st7cc", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinema server", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinumerik 808d programming tool", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "smart pc access", "version": "2.0" } ], "sources": [ { "db": "IVD", "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677" }, { "db": "CNVD", "id": "CNVD-2017-06152" }, { "db": "BID", "id": "98366" }, { "db": "JVNDB", "id": "JVNDB-2017-004136" }, { "db": "CNNVD", "id": "CNNVD-201703-632" }, { "db": "NVD", "id": "CVE-2017-6865" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:primary_setup_tool", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:security_configuration_tool", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_automation_tool", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_step_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_step_7_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_winac_rtx_2010", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_winac_rtx_f_2010", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_flexible_2008", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:sinaut_st7cc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:sinema_server", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:sinumerik_808d_programming_tool", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:smart_pc_access", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_step_7_micro%2fwin_smart", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-004136" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Duan JinTong, Ma ShaoShuai, and Cheng Lei from NSFOCUS Security Team.", "sources": [ { "db": "BID", "id": "98366" } ], "trust": 0.3 }, "cve": "CVE-2017-6865", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "CVE-2017-6865", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "CNVD-2017-06152", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "VHN-115068", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "id": "CVE-2017-6865", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2017-6865", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2017-6865", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2017-06152", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201703-632", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-115068", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677" }, { "db": "CNVD", "id": "CNVD-2017-06152" }, { "db": "VULHUB", "id": "VHN-115068" }, { "db": "JVNDB", "id": "JVNDB-2017-004136" }, { "db": "CNNVD", "id": "CNNVD-201703-632" }, { "db": "NVD", "id": "CVE-2017-6865" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in Primary Setup Tool (PST) (All versions \u003c V4.2 HF1), SIMATIC Automation Tool (All versions \u003c V3.0), SIMATIC NET PC-Software (All versions \u003c V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2), SIMATIC STEP 7 (TIA Portal) V14 (All versions \u003c V14 SP1), SIMATIC STEP 7 V5.X (All versions \u003c V5.6), SIMATIC WinAC RTX 2010 SP2 (All versions), SIMATIC WinAC RTX F 2010 SP2 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions \u003c V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1), SIMATIC WinCC V7.2 and prior (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Update 15), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd1), SIMATIC WinCC flexible 2008 (All versions \u003c flexible 2008 SP5), SINAUT ST7CC (All versions installed in conjunction with SIMATIC WinCC \u003c V7.3 Update 15), SINEMA Server (All versions \u003c V14), SINUMERIK 808D Programming Tool (All versions \u003c V4.7 SP4 HF2), SMART PC Access (All versions \u003c V2.3), STEP 7 - Micro/WIN SMART (All versions \u003c V2.3), Security Configuration Tool (SCT) (All versions \u003c V5.0). Specially crafted PROFINET DCP broadcast packets sent to the affected products on a local Ethernet segment (Layer 2) could cause a Denial-of-Service condition of some services. The services require manual restart to recover. SIMATIC WinCC (TIA Portal), SIMATIC STEP 7, SMART PC Access, SIMATIC Automation Tool, etc. are all industrial automation products from Siemens AG. A number of Siemens industrial products have a denial of service vulnerability. \nAttackers can exploit this issue to crash the affected device, denying service to legitimate users. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC", "sources": [ { "db": "NVD", "id": "CVE-2017-6865" }, { "db": "JVNDB", "id": "JVNDB-2017-004136" }, { "db": "CNVD", "id": "CNVD-2017-06152" }, { "db": "BID", "id": "98366" }, { "db": "IVD", "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677" }, { "db": "VULHUB", "id": "VHN-115068" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2017-6865", "trust": 3.6 }, { "db": "BID", "id": "98366", "trust": 2.0 }, { "db": "SIEMENS", "id": "SSA-275839", "trust": 1.7 }, { "db": "ICS CERT", "id": "ICSA-17-129-01", "trust": 1.1 }, { "db": "CNNVD", "id": "CNNVD-201703-632", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2017-06152", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2017-004136", "trust": 0.8 }, { "db": "IVD", "id": "1B7B75AD-C1F6-4E73-BE28-FF3E458E7677", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-115068", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677" }, { "db": "CNVD", "id": "CNVD-2017-06152" }, { "db": "VULHUB", "id": "VHN-115068" }, { "db": "BID", "id": "98366" }, { "db": "JVNDB", "id": "JVNDB-2017-004136" }, { "db": "CNNVD", "id": "CNNVD-201703-632" }, { "db": "NVD", "id": "CVE-2017-6865" } ] }, "id": "VAR-201705-3973", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677" }, { "db": "CNVD", "id": "CNVD-2017-06152" }, { "db": "VULHUB", "id": "VHN-115068" } ], "trust": 1.6053430508000002 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677" }, { "db": "CNVD", "id": "CNVD-2017-06152" } ] }, "last_update_date": "2024-11-23T22:56:13.083000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-275839", "trust": 0.8, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-275839.pdf" }, { "title": "There are patches for denial of service vulnerabilities in many Siemens products", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/93344" }, { "title": "Multiple Siemens Fixes for product input validation vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90621" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-06152" }, { "db": "JVNDB", "id": "JVNDB-2017-004136" }, { "db": "CNNVD", "id": "CNNVD-201703-632" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-115068" }, { "db": "JVNDB", "id": "JVNDB-2017-004136" }, { "db": "NVD", "id": "CVE-2017-6865" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "https://www.securityfocus.com/bid/98366" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-275839.pdf" }, { "trust": 1.1, "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-129-01" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6865" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-6865" }, { "trust": 0.6, "url": "http://www.siemens.com/cert/en/cert-security-advisories.htm" }, { "trust": 0.3, "url": "http://www.siemens.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-06152" }, { "db": "VULHUB", "id": "VHN-115068" }, { "db": "BID", "id": "98366" }, { "db": "JVNDB", "id": "JVNDB-2017-004136" }, { "db": "CNNVD", "id": "CNNVD-201703-632" }, { "db": "NVD", "id": "CVE-2017-6865" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677" }, { "db": "CNVD", "id": "CNVD-2017-06152" }, { "db": "VULHUB", "id": "VHN-115068" }, { "db": "BID", "id": "98366" }, { "db": "JVNDB", "id": "JVNDB-2017-004136" }, { "db": "CNNVD", "id": "CNNVD-201703-632" }, { "db": "NVD", "id": "CVE-2017-6865" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-05-09T00:00:00", "db": "IVD", "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677" }, { "date": "2017-05-09T00:00:00", "db": "CNVD", "id": "CNVD-2017-06152" }, { "date": "2017-05-11T00:00:00", "db": "VULHUB", "id": "VHN-115068" }, { "date": "2017-05-09T00:00:00", "db": "BID", "id": "98366" }, { "date": "2017-06-16T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-004136" }, { "date": "2017-03-16T00:00:00", "db": "CNNVD", "id": "CNNVD-201703-632" }, { "date": "2017-05-11T10:29:00.227000", "db": "NVD", "id": "CVE-2017-6865" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-05-09T00:00:00", "db": "CNVD", "id": "CNVD-2017-06152" }, { "date": "2019-03-21T00:00:00", "db": "VULHUB", "id": "VHN-115068" }, { "date": "2017-05-23T16:23:00", "db": "BID", "id": "98366" }, { "date": "2017-09-11T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-004136" }, { "date": "2019-04-01T00:00:00", "db": "CNNVD", "id": "CNNVD-201703-632" }, { "date": "2024-11-21T03:30:41.443000", "db": "NVD", "id": "CVE-2017-6865" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201703-632" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Siemens Service disruption in products (DoS) Vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-004136" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation", "sources": [ { "db": "IVD", "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677" }, { "db": "CNNVD", "id": "CNNVD-201703-632" } ], "trust": 0.8 } }
var-202006-1521
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information. Multiple Siemens products are vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. A buffer error vulnerability exists in several Siemens products
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1521", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "sinamics starter", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.4" }, { "model": "sinamics starter", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.4" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic process device manager", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic step 7", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.6" }, { "model": "simatic step 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.6" }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic process devise manager", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic step 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "sinamics starter", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-006492" }, { "db": "NVD", "id": "CVE-2020-7586" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_process_device_manager", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_step_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:sinamics_starter", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-006492" } ] }, "cve": "CVE-2020-7586", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "CVE-2020-7586", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.0, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Local", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 4.6, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "JVNDB-2020-006492", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "VHN-185711", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2020-7586", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-006492", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2020-7586", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "JVNDB-2020-006492", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-202006-641", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-185711", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-185711" }, { "db": "JVNDB", "id": "JVNDB-2020-006492" }, { "db": "CNNVD", "id": "CNNVD-202006-641" }, { "db": "NVD", "id": "CVE-2020-7586" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3), SIMATIC PDM (All versions \u003c V9.2), SIMATIC STEP 7 V5.X (All versions \u003c V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions \u003c V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information. Multiple Siemens products are vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. A buffer error vulnerability exists in several Siemens products", "sources": [ { "db": "NVD", "id": "CVE-2020-7586" }, { "db": "JVNDB", "id": "JVNDB-2020-006492" }, { "db": "VULHUB", "id": "VHN-185711" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-7586", "trust": 2.5 }, { "db": "ICS CERT", "id": "ICSA-20-161-05", "trust": 2.5 }, { "db": "SIEMENS", "id": "SSA-689942", "trust": 1.7 }, { "db": "JVN", "id": "JVNVU97501786", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2020-006492", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202006-641", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2020.2015", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-185711", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-185711" }, { "db": "JVNDB", "id": "JVNDB-2020-006492" }, { "db": "CNNVD", "id": "CNNVD-202006-641" }, { "db": "NVD", "id": "CVE-2020-7586" } ] }, "id": "VAR-202006-1521", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-185711" } ], "trust": 0.7474592999999999 }, "last_update_date": "2024-11-23T19:58:14.845000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-689942", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf" }, { "title": "Multiple Siemens Product Buffer Error Vulnerability Fix", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121656" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-006492" }, { "db": "CNNVD", "id": "CNNVD-202006-641" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-787", "trust": 1.9 }, { "problemtype": "CWE-122", "trust": 1.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-185711" }, { "db": "JVNDB", "id": "JVNDB-2020-006492" }, { "db": "NVD", "id": "CVE-2020-7586" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.1, "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-05" }, { "trust": 2.3, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-05" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7586" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7586" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu97501786/" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-two-vulnerabilities-32490" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.2015/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-185711" }, { "db": "JVNDB", "id": "JVNDB-2020-006492" }, { "db": "CNNVD", "id": "CNNVD-202006-641" }, { "db": "NVD", "id": "CVE-2020-7586" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-185711" }, { "db": "JVNDB", "id": "JVNDB-2020-006492" }, { "db": "CNNVD", "id": "CNNVD-202006-641" }, { "db": "NVD", "id": "CVE-2020-7586" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-06-10T00:00:00", "db": "VULHUB", "id": "VHN-185711" }, { "date": "2020-07-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-006492" }, { "date": "2020-06-09T00:00:00", "db": "CNNVD", "id": "CNNVD-202006-641" }, { "date": "2020-06-10T17:15:12.520000", "db": "NVD", "id": "CVE-2020-7586" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-04-22T00:00:00", "db": "VULHUB", "id": "VHN-185711" }, { "date": "2020-07-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-006492" }, { "date": "2022-03-11T00:00:00", "db": "CNNVD", "id": "CNNVD-202006-641" }, { "date": "2024-11-21T05:37:25.427000", "db": "NVD", "id": "CVE-2020-7586" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202006-641" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Out-of-bounds write vulnerabilities in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-006492" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202006-641" } ], "trust": 0.6 } }
var-201612-0420
Vulnerability from variot
A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions. Siemens SIMATIC WinCC and SIMATIC PCS 7 are industrial automation products from Siemens AG, Germany. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. A security bypass vulnerability exists in versions prior to SIMATIC WinCC 7.2 and in versions prior to SIMATIC PCS 7 8.0 SP1. An attacker could exploit this vulnerability to execute ActiveX components. Attackers can exploit this issue to obtain sensitive information or cause denial-of-service condition
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201612-0420", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic pcs 7", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "8.0 sp1" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.2" }, { "model": "wincc", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs sp1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c8.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "8.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.1" }, { "model": "simatic wincc sp3 upd", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.08" }, { "model": "simatic wincc sp3", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc sp2 upd", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.012" }, { "model": "simatic wincc sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc sp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.03" }, { "model": "simatic wincc sp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.02" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "6.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78" }, { "model": "simatic pcs sp4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77" }, { "model": "simatic wincc", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs sp1", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "78.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "*" } ], "sources": [ { "db": "IVD", "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8" }, { "db": "CNVD", "id": "CNVD-2016-12696" }, { "db": "BID", "id": "94825" }, { "db": "JVNDB", "id": "JVNDB-2016-006500" }, { "db": "CNNVD", "id": "CNNVD-201612-334" }, { "db": "NVD", "id": "CVE-2016-9160" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-006500" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Mingzheng Li from Acorn Network Security Lab", "sources": [ { "db": "BID", "id": "94825" }, { "db": "CNNVD", "id": "CNNVD-201612-334" } ], "trust": 0.9 }, "cve": "CVE-2016-9160", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2016-9160", "impactScore": 4.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2016-12696", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-97980", "impactScore": 4.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2016-9160", "impactScore": 5.2, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2016-9160", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2016-9160", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2016-12696", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201612-334", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-97980", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8" }, { "db": "CNVD", "id": "CNVD-2016-12696" }, { "db": "VULHUB", "id": "VHN-97980" }, { "db": "JVNDB", "id": "JVNDB-2016-006500" }, { "db": "CNNVD", "id": "CNNVD-201612-334" }, { "db": "NVD", "id": "CVE-2016-9160" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in SIEMENS SIMATIC WinCC (All versions \u003c SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions \u003c SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions. Siemens SIMATIC WinCC and SIMATIC PCS 7 are industrial automation products from Siemens AG, Germany. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. A security bypass vulnerability exists in versions prior to SIMATIC WinCC 7.2 and in versions prior to SIMATIC PCS 7 8.0 SP1. An attacker could exploit this vulnerability to execute ActiveX components. \nAttackers can exploit this issue to obtain sensitive information or cause denial-of-service condition", "sources": [ { "db": "NVD", "id": "CVE-2016-9160" }, { "db": "JVNDB", "id": "JVNDB-2016-006500" }, { "db": "CNVD", "id": "CNVD-2016-12696" }, { "db": "BID", "id": "94825" }, { "db": "IVD", "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8" }, { "db": "VULHUB", "id": "VHN-97980" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2016-9160", "trust": 3.6 }, { "db": "BID", "id": "94825", "trust": 2.6 }, { "db": "ICS CERT", "id": "ICSA-16-348-04", "trust": 2.2 }, { "db": "SIEMENS", "id": "SSA-693129", "trust": 2.0 }, { "db": "SECTRACK", "id": "1037435", "trust": 1.1 }, { "db": "CNNVD", "id": "CNNVD-201612-334", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2016-12696", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2016-006500", "trust": 0.8 }, { "db": "IVD", "id": "F04157CB-EDF5-490C-9E17-39C08EA58FA8", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-97980", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8" }, { "db": "CNVD", "id": "CNVD-2016-12696" }, { "db": "VULHUB", "id": "VHN-97980" }, { "db": "BID", "id": "94825" }, { "db": "JVNDB", "id": "JVNDB-2016-006500" }, { "db": "CNNVD", "id": "CNNVD-201612-334" }, { "db": "NVD", "id": "CVE-2016-9160" } ] }, "id": "VAR-201612-0420", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8" }, { "db": "CNVD", "id": "CNVD-2016-12696" }, { "db": "VULHUB", "id": "VHN-97980" } ], "trust": 1.5269656166666667 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8" }, { "db": "CNVD", "id": "CNVD-2016-12696" } ] }, "last_update_date": "2024-11-23T22:56:20.483000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-693129", "trust": 0.8, "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf" }, { "title": "Patch for security bypass bugs in SIMATIC WinCC and SIMATIC PCS 7 ActiveX controls", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/86164" }, { "title": "SIMATIC WinCC and SIMATIC PCS 7 Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66299" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-12696" }, { "db": "JVNDB", "id": "JVNDB-2016-006500" }, { "db": "CNNVD", "id": "CNNVD-201612-334" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-254", "trust": 1.9 }, { "problemtype": "CWE-111", "trust": 1.0 } ], "sources": [ { "db": "VULHUB", "id": "VHN-97980" }, { "db": "JVNDB", "id": "JVNDB-2016-006500" }, { "db": "NVD", "id": "CVE-2016-9160" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "http://www.securityfocus.com/bid/94825" }, { "trust": 2.2, "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-348-04" }, { "trust": 2.0, "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1037435" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9160" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-9160" }, { "trust": 0.3, "url": "http://support.microsoft.com/kb/240797" }, { "trust": 0.3, "url": "http://www.siemens.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-12696" }, { "db": "VULHUB", "id": "VHN-97980" }, { "db": "BID", "id": "94825" }, { "db": "JVNDB", "id": "JVNDB-2016-006500" }, { "db": "CNNVD", "id": "CNNVD-201612-334" }, { "db": "NVD", "id": "CVE-2016-9160" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8" }, { "db": "CNVD", "id": "CNVD-2016-12696" }, { "db": "VULHUB", "id": "VHN-97980" }, { "db": "BID", "id": "94825" }, { "db": "JVNDB", "id": "JVNDB-2016-006500" }, { "db": "CNNVD", "id": "CNNVD-201612-334" }, { "db": "NVD", "id": "CVE-2016-9160" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-12-21T00:00:00", "db": "IVD", "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8" }, { "date": "2016-12-21T00:00:00", "db": "CNVD", "id": "CNVD-2016-12696" }, { "date": "2016-12-17T00:00:00", "db": "VULHUB", "id": "VHN-97980" }, { "date": "2016-12-09T00:00:00", "db": "BID", "id": "94825" }, { "date": "2017-01-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-006500" }, { "date": "2016-12-13T00:00:00", "db": "CNNVD", "id": "CNNVD-201612-334" }, { "date": "2016-12-17T03:59:00.263000", "db": "NVD", "id": "CVE-2016-9160" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-12-21T00:00:00", "db": "CNVD", "id": "CNVD-2016-12696" }, { "date": "2017-07-27T00:00:00", "db": "VULHUB", "id": "VHN-97980" }, { "date": "2016-12-20T01:09:00", "db": "BID", "id": "94825" }, { "date": "2017-01-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-006500" }, { "date": "2016-12-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201612-334" }, { "date": "2024-11-21T03:00:43.387000", "db": "NVD", "id": "CVE-2016-9160" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201612-334" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "SIEMENS SIMATIC WinCC and SIEMENS SIMATIC PCS 7 In ActiveX Vulnerability that can crash components", "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-006500" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "lack of information", "sources": [ { "db": "CNNVD", "id": "CNNVD-201612-334" } ], "trust": 0.6 } }
cve-2023-25910
Vulnerability from cvelistv5
Vendor | Product | Version | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC PCS 7 |
Version: 0 < V9.1 SP2 UC04 |
||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T11:32:12.730Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-968170.pdf" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-968170.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIMATIC PCS 7", "vendor": "Siemens", "versions": [ { "lessThan": "V9.1 SP2 UC04", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-PM", "vendor": "Siemens", "versions": [ { "lessThan": "V5.7 SP1 HF1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-PM", "vendor": "Siemens", "versions": [ { "lessThan": "V5.7 SP2 HF1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC STEP 7 V5", "vendor": "Siemens", "versions": [ { "lessThan": "V5.7", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC PCS 7 (All versions \u003c V9.1 SP2 UC04), SIMATIC S7-PM (All versions \u003c V5.7 SP1 HF1), SIMATIC S7-PM (All versions \u003c V5.7 SP2 HF1), SIMATIC STEP 7 V5 (All versions \u003c V5.7). The affected product contains a database management system that could allow remote users with low privileges to use embedded functions of the database (local or in a network share) that have impact on the server.\r\n\r\nAn attacker with network access to the server network could leverage these embedded functions to run code with elevated privileges in the database management system\u0027s server." } ], "metrics": [ { "cvssV3_1": { "baseScore": 10, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:T/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-94", "description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-15T07:23:34.211Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-968170.pdf" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-968170.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2023-25910", "datePublished": "2023-06-13T08:17:04.612Z", "dateReserved": "2023-02-16T11:12:33.500Z", "dateUpdated": "2024-08-02T11:32:12.730Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-10048
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf | x_refsource_MISC |
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Siemens | SIMATIC PCS 7 |
Version: All versions |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T10:50:57.903Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "SIMATIC PCS 7", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC WinCC", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V7.5 SP2" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC WinCC (All versions \u003c V7.5 SP2). Due to an insecure password verification process, an attacker could bypass the password protection set on protected files, thus being granted access to the protected content, circumventing authentication." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-288", "description": "CWE-288: Authentication Bypass Using an Alternate Path or Channel", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-02-09T15:38:17", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "productcert@siemens.com", "ID": "CVE-2020-10048", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "SIMATIC PCS 7", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC WinCC", "version": { "version_data": [ { "version_value": "All versions \u003c V7.5 SP2" } ] } } ] }, "vendor_name": "Siemens" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC WinCC (All versions \u003c V7.5 SP2). Due to an insecure password verification process, an attacker could bypass the password protection set on protected files, thus being granted access to the protected content, circumventing authentication." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-288: Authentication Bypass Using an Alternate Path or Channel" } ] } ] }, "references": { "reference_data": [ { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2020-10048", "datePublished": "2021-02-09T15:38:17", "dateReserved": "2020-03-04T00:00:00", "dateUpdated": "2024-08-04T10:50:57.903Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }