All the vulnerabilites related to Siemens - SIMATIC WinCC
var-201306-0315
Vulnerability from variot

The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, has a hardcoded account, which makes it easier for remote attackers to obtain access via an unspecified request. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. An attacker can exploit the vulnerability to gain access. The vulnerability is due to the fact that the program has hard-coded accounts

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201306-0315",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.0 sp1"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.2 update 1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.x"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "78.x"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07606"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002983"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-248"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3958"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002983"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Alexander Tlyapov from Positive Technologies",
    "sources": [
      {
        "db": "BID",
        "id": "60561"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2013-3958",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2013-3958",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2013-07606",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-63960",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-3958",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-3958",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-07606",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201306-248",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-63960",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07606"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63960"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002983"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-248"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3958"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, has a hardcoded account, which makes it easier for remote attackers to obtain access via an unspecified request. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. An attacker can exploit the vulnerability to gain access. The vulnerability is due to the fact that the program has hard-coded accounts",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-3958"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002983"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07606"
      },
      {
        "db": "BID",
        "id": "60561"
      },
      {
        "db": "IVD",
        "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63960"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-3958",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-345843",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "53805",
        "trust": 1.2
      },
      {
        "db": "BID",
        "id": "60561",
        "trust": 1.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-248",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07606",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-13-169-02",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002983",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "E69A1CA0-2352-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-63960",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07606"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63960"
      },
      {
        "db": "BID",
        "id": "60561"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002983"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-248"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3958"
      }
    ]
  },
  "id": "VAR-201306-0315",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07606"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63960"
      }
    ],
    "trust": 1.5048571666666666
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07606"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:45:40.059000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-345843: Vulnerabilites in WinCC 7.2",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345843.pdf"
      },
      {
        "title": "\\302\\240Siemens SIMATIC WinCC/PCS 7 Hardcoded Credential Security Bypass Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/34666"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-07606"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002983"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-255",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63960"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002983"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3958"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345843.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3958"
      },
      {
        "trust": 0.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-13-169-02"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3958"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/53805/"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/53805"
      },
      {
        "trust": 0.3,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.3,
        "url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-07606"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63960"
      },
      {
        "db": "BID",
        "id": "60561"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002983"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-248"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3958"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07606"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63960"
      },
      {
        "db": "BID",
        "id": "60561"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002983"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-248"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3958"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-06-19T00:00:00",
        "db": "IVD",
        "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-06-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-07606"
      },
      {
        "date": "2013-06-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-63960"
      },
      {
        "date": "2013-06-14T00:00:00",
        "db": "BID",
        "id": "60561"
      },
      {
        "date": "2013-06-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-002983"
      },
      {
        "date": "2013-06-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201306-248"
      },
      {
        "date": "2013-06-14T19:55:01.250000",
        "db": "NVD",
        "id": "CVE-2013-3958"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-06-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-07606"
      },
      {
        "date": "2013-06-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-63960"
      },
      {
        "date": "2013-06-19T07:17:00",
        "db": "BID",
        "id": "60561"
      },
      {
        "date": "2013-06-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-002983"
      },
      {
        "date": "2013-06-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201306-248"
      },
      {
        "date": "2024-11-21T01:54:37.307000",
        "db": "NVD",
        "id": "CVE-2013-3958"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-248"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC/PCS 7 Hardcoded Credential Security Bypass Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07606"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Trust management",
    "sources": [
      {
        "db": "IVD",
        "id": "e69a1ca0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-248"
      }
    ],
    "trust": 0.8
  }
}

var-201303-0259
Vulnerability from variot

The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to obtain sensitive information or cause a denial of service via a crafted project file. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0259",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "6.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "6.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.0 sp1"
      },
      {
        "model": "simatic pcs sp1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003c8.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "09175612-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001989"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-445"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0677"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001989"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies",
    "sources": [
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2013-0677",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2013-0677",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2013-02175",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "09175612-2353-11e6-abef-000c29c66e3d",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-60679",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-0677",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-0677",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-02175",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201303-445",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "09175612-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-60679",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2013-0677",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "09175612-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60679"
      },
      {
        "db": "VULMON",
        "id": "CVE-2013-0677"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001989"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-445"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0677"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to obtain sensitive information or cause a denial of service via a crafted project file. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Code. Multiple information-disclosure vulnerabilities\n2. A directory-traversal vulnerability\n3. Failed exploit attempts will result in a denial-of-service conditions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-0677"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001989"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "IVD",
        "id": "09175612-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60679"
      },
      {
        "db": "VULMON",
        "id": "CVE-2013-0677"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-0677",
        "trust": 3.2
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-13-079-02",
        "trust": 2.9
      },
      {
        "db": "SIEMENS",
        "id": "SSA-714398",
        "trust": 2.1
      },
      {
        "db": "BID",
        "id": "58545",
        "trust": 1.5
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-445",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001989",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "09175612-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-60679",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2013-0677",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "120899",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "09175612-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60679"
      },
      {
        "db": "VULMON",
        "id": "CVE-2013-0677"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001989"
      },
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-445"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0677"
      }
    ]
  },
  "id": "VAR-201303-0259",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "09175612-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60679"
      }
    ],
    "trust": 1.5048571666666666
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "09175612-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:45:48.751000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/cc/en/"
      },
      {
        "title": "SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/answers/jp/ja/"
      },
      {
        "title": "Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/33002"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001989"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60679"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001989"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0677"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
      },
      {
        "trust": 2.1,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/bid/58545"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0677"
      },
      {
        "trust": 0.8,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0677"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/200.html"
      },
      {
        "trust": 0.1,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=28666"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-13-079-02"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0677"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0674"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0678"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0676"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0679"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0675"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60679"
      },
      {
        "db": "VULMON",
        "id": "CVE-2013-0677"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001989"
      },
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-445"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0677"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "09175612-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60679"
      },
      {
        "db": "VULMON",
        "id": "CVE-2013-0677"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001989"
      },
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-445"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0677"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-22T00:00:00",
        "db": "IVD",
        "id": "09175612-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-03-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "date": "2013-03-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60679"
      },
      {
        "date": "2013-03-21T00:00:00",
        "db": "VULMON",
        "id": "CVE-2013-0677"
      },
      {
        "date": "2013-03-15T00:00:00",
        "db": "BID",
        "id": "58545"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001989"
      },
      {
        "date": "2013-03-21T15:07:17",
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "date": "2013-03-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-445"
      },
      {
        "date": "2013-03-21T15:55:01.583000",
        "db": "NVD",
        "id": "CVE-2013-0677"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60679"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "VULMON",
        "id": "CVE-2013-0677"
      },
      {
        "date": "2013-04-02T15:37:00",
        "db": "BID",
        "id": "58545"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001989"
      },
      {
        "date": "2013-03-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-445"
      },
      {
        "date": "2024-11-21T01:47:59.553000",
        "db": "NVD",
        "id": "CVE-2013-0677"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-445"
      }
    ],
    "trust": 1.3
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC And PCS 7 Multiple Security Vulnerabilities",
    "sources": [
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      }
    ],
    "trust": 0.9
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-445"
      }
    ],
    "trust": 0.6
  }
}

var-202306-0965
Vulnerability from variot

A vulnerability has been identified in SIMATIC WinCC (All versions < V7.5.2.13). Affected applications fail to set proper access rights for their installation folder if a non-default installation path was chosen during installation.

This could allow an authenticated local attacker to inject arbitrary code and escalate privileges. SIMATIC WinCC is a supervisory control and data acquisition (SCADA) system

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202306-0965",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.5.2.13"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.5.2.13"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-48549"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-30897"
      }
    ]
  },
  "cve": "CVE-2023-30897",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.1,
            "id": "CNVD-2023-48549",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2023-30897",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2023-30897",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2023-30897",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2023-48549",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202306-880",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-48549"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202306-880"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-30897"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-30897"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC WinCC (All versions \u003c V7.5.2.13). Affected applications fail to set proper access rights for their installation folder if a non-default installation path was chosen during installation. \r\n\r\nThis could allow an authenticated local attacker to inject arbitrary code and escalate privileges. SIMATIC WinCC is a supervisory control and data acquisition (SCADA) system",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-30897"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2023-48549"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-30897"
      }
    ],
    "trust": 1.53
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2023-30897",
        "trust": 2.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-914026",
        "trust": 2.3
      },
      {
        "db": "CNVD",
        "id": "CNVD-2023-48549",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202306-880",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-30897",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-48549"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-30897"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202306-880"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-30897"
      }
    ]
  },
  "id": "VAR-202306-0965",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-48549"
      }
    ],
    "trust": 1.183997315
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-48549"
      }
    ]
  },
  "last_update_date": "2024-08-14T15:26:35.146000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Siemens SIMATIC WinCC Native Code Execution Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/433506"
      },
      {
        "title": "Siemens SIMATIC WinCC Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=243027"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-48549"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202306-880"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-732",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-30897"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914026.pdf"
      },
      {
        "trust": 0.6,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-914026.html"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2023-30897/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-48549"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-30897"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202306-880"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-30897"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-48549"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-30897"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202306-880"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-30897"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-06-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2023-48549"
      },
      {
        "date": "2023-06-13T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-30897"
      },
      {
        "date": "2023-06-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202306-880"
      },
      {
        "date": "2023-06-13T09:15:17.703000",
        "db": "NVD",
        "id": "CVE-2023-30897"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-06-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2023-48549"
      },
      {
        "date": "2023-06-13T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-30897"
      },
      {
        "date": "2023-06-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202306-880"
      },
      {
        "date": "2023-06-26T17:41:04.607000",
        "db": "NVD",
        "id": "CVE-2023-30897"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202306-880"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC Native Code Execution Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-48549"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202306-880"
      }
    ],
    "trust": 0.6
  }
}

var-201905-1324
Vulnerability from variot

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with local access to the project file could cause a Denial-of-Service condition on the affected product while the project file is loaded. Successful exploitation requires access to the project file. An attacker could use the vulnerability to compromise availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An input validation error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC that originated from a network system or product that did not properly validate the entered data. service. Siemens SIMATIC products are prone to following security vulnerabilities: 1. A denial-of-service vulnerability 2. An SQL injection vulnerability3. 3. An arbitrary command execution Exploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. The following Siemens SIMATIC products are affected: SIMATIC PCS 7 version 8.0 and prior SIMATIC PCS 7 version 8.1 SIMATIC PCS 7 version 8.2 SIMATIC PCS 7 version 9.0 SIMATIC WinCC (TIA Portal) version 13 SIMATIC WinCC (TIA Portal) version 14 SIMATIC WinCC (TIA Portal) version 15 SIMATIC WinCC Runtime Professional, all version SIMATIC WinCC version 7.2 and prior SIMATIC WinCC version 7.3 SIMATIC WinCC version 7.4 SIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201905-1324",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v14"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v15"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.1.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.3.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.5 upd3"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "13.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "14.x"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.0 and earlier"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.2.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.4.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "15.x"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.2 and earlier"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "9.0.x"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.1"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=7.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v9.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.3"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.4"
      },
      {
        "model": "simatic wincc upd3",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.5.*\u003cv7.5"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "6.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "79.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "77"
      },
      {
        "model": "simatic wincc update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.53"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "8.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "9.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.4"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "13.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "14.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "15.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc runtime professional",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14939"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004567"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10917"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004567"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vladimir Dashchenko and Sergey Temnikov from Kaspersky Lab, and ChengBin Wang from Guoli Security Technology, and ChengBin Wang from Guoli Security Technology reported these vulnerabilities to Siemens., CNCERT/CC",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-595"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-10917",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-10917",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2019-14939",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.2,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "VHN-142511",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 1.8,
            "id": "CVE-2019-10917",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 5.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2019-10917",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-10917",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-10917",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-14939",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201905-595",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142511",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14939"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142511"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004567"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-595"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10917"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions \u003c V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd 3). An attacker with local access to the project file could cause a Denial-of-Service condition on the affected product while the project file is loaded. Successful exploitation requires access to the project file. An attacker could use the vulnerability to compromise availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An input validation error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC that originated from a network system or product that did not properly validate the entered data. service. Siemens SIMATIC products are prone to following security vulnerabilities:\n1. A denial-of-service vulnerability\n2. An SQL injection vulnerability3. \n3. An arbitrary command execution\nExploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. \nThe following Siemens SIMATIC products are affected:\nSIMATIC PCS 7 version 8.0 and prior\nSIMATIC PCS 7 version 8.1\nSIMATIC PCS 7 version 8.2\nSIMATIC PCS 7 version 9.0\nSIMATIC WinCC (TIA Portal) version 13\nSIMATIC WinCC (TIA Portal) version 14\nSIMATIC WinCC (TIA Portal) version 15\nSIMATIC WinCC Runtime Professional, all version\nSIMATIC WinCC version 7.2 and prior\nSIMATIC WinCC version 7.3\nSIMATIC WinCC version 7.4\nSIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10917"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004567"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14939"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "IVD",
        "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142511"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-10917",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-08",
        "trust": 3.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-697412",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-595",
        "trust": 0.9
      },
      {
        "db": "BID",
        "id": "108404",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14939",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004567",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-02",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1716.2",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "DF80F7D1-C23D-4B6B-A4D2-D114F7117CD6",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-142511",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14939"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142511"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004567"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-595"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10917"
      }
    ]
  },
  "id": "VAR-201905-1324",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14939"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142511"
      }
    ],
    "trust": 1.5496564849999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14939"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:37:17.536000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-697412",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC PCS 7 and SIMATIC WinCC Input Validation Error Vulnerability (CNVD-2019-14939)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/161831"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-14939"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004567"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-755",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-248",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142511"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004567"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10917"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-08"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"
      },
      {
        "trust": 1.5,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-08"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10917"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/bid/108404"
      },
      {
        "trust": 0.9,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10917"
      },
      {
        "trust": 0.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/80946"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29286"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-14939"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142511"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004567"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-595"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10917"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14939"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142511"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004567"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-595"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10917"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-21T00:00:00",
        "db": "IVD",
        "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6"
      },
      {
        "date": "2019-05-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-14939"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142511"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108404"
      },
      {
        "date": "2019-06-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004567"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-595"
      },
      {
        "date": "2019-05-14T20:29:02.387000",
        "db": "NVD",
        "id": "CVE-2019-10917"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-14939"
      },
      {
        "date": "2021-11-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142511"
      },
      {
        "date": "2019-05-22T06:00:00",
        "db": "BID",
        "id": "108404"
      },
      {
        "date": "2019-07-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004567"
      },
      {
        "date": "2021-11-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-595"
      },
      {
        "date": "2024-11-21T04:20:08.790000",
        "db": "NVD",
        "id": "CVE-2019-10917"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-595"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  SIMATIC Vulnerability related to input validation in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004567"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation error",
    "sources": [
      {
        "db": "IVD",
        "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-595"
      }
    ],
    "trust": 1.1
  }
}

var-201303-0258
Vulnerability from variot

Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote authenticated users to obtain sensitive information via a SQL query. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0258",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "6.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "6.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.0 sp1"
      },
      {
        "model": "simatic pcs sp1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003c8.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "09019714-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005228"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-444"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0676"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005228"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies",
    "sources": [
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2013-0676",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2013-0676",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2013-02175",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "09019714-2353-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "VHN-60678",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-0676",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-0676",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-02175",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201303-444",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "09019714-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-60678",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "09019714-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60678"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005228"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-444"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0676"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote authenticated users to obtain sensitive information via a SQL query. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities\n2. A directory-traversal vulnerability\n3. Failed exploit attempts will result in a denial-of-service conditions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-0676"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005228"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "IVD",
        "id": "09019714-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60678"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-0676",
        "trust": 3.1
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-13-079-02",
        "trust": 2.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-714398",
        "trust": 2.0
      },
      {
        "db": "BID",
        "id": "58545",
        "trust": 1.5
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-444",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005228",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "09019714-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-60678",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "120899",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "09019714-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60678"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005228"
      },
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-444"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0676"
      }
    ]
  },
  "id": "VAR-201303-0258",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "09019714-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60678"
      }
    ],
    "trust": 1.5048571666666666
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "09019714-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:45:48.547000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/cc/en/"
      },
      {
        "title": "SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/answers/jp/ja/"
      },
      {
        "title": "Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/33002"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005228"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60678"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005228"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0676"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
      },
      {
        "trust": 2.0,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/bid/58545"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0676"
      },
      {
        "trust": 0.8,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0676"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0677"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0674"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0678"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0676"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0679"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0675"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60678"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005228"
      },
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-444"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0676"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "09019714-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60678"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-005228"
      },
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-444"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0676"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-22T00:00:00",
        "db": "IVD",
        "id": "09019714-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-03-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "date": "2013-03-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60678"
      },
      {
        "date": "2013-03-15T00:00:00",
        "db": "BID",
        "id": "58545"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-005228"
      },
      {
        "date": "2013-03-21T15:07:17",
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "date": "2013-03-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-444"
      },
      {
        "date": "2013-03-21T15:55:01.567000",
        "db": "NVD",
        "id": "CVE-2013-0676"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60678"
      },
      {
        "date": "2013-04-02T15:37:00",
        "db": "BID",
        "id": "58545"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-005228"
      },
      {
        "date": "2013-03-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "date": "2013-03-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-444"
      },
      {
        "date": "2024-11-21T01:47:59.443000",
        "db": "NVD",
        "id": "CVE-2013-0676"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-444"
      }
    ],
    "trust": 1.3
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC And PCS 7 Multiple Security Vulnerabilities",
    "sources": [
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      }
    ],
    "trust": 0.9
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-444"
      }
    ],
    "trust": 0.6
  }
}

var-201303-0260
Vulnerability from variot

Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated users to obtain sensitive information via a SQL query. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0260",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.0 sp1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": "simatic pcs sp1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003c8.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0911ad8e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001990"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-446"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0678"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001990"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies",
    "sources": [
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2013-0678",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2013-0678",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2013-02175",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "0911ad8e-2353-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "VHN-60680",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-0678",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-0678",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-02175",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201303-446",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "0911ad8e-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-60680",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0911ad8e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60680"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001990"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-446"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0678"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated users to obtain sensitive information via a SQL query. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities\n2. A directory-traversal vulnerability\n3. Failed exploit attempts will result in a denial-of-service conditions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-0678"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001990"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "IVD",
        "id": "0911ad8e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60680"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-0678",
        "trust": 3.1
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-13-079-02",
        "trust": 2.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-714398",
        "trust": 2.0
      },
      {
        "db": "BID",
        "id": "58545",
        "trust": 1.5
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-446",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001990",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "0911AD8E-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "120899",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-60680",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0911ad8e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60680"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001990"
      },
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-446"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0678"
      }
    ]
  },
  "id": "VAR-201303-0260",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "0911ad8e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60680"
      }
    ],
    "trust": 1.5048571666666666
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0911ad8e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:45:48.595000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/cc/en/"
      },
      {
        "title": "SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/answers/jp/ja/"
      },
      {
        "title": "Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/33002"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001990"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-255",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60680"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001990"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0678"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
      },
      {
        "trust": 2.0,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/bid/58545"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0678"
      },
      {
        "trust": 0.8,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0678"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0677"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0674"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0678"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0676"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0679"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0675"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60680"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001990"
      },
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-446"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0678"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "0911ad8e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60680"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001990"
      },
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-446"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0678"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-22T00:00:00",
        "db": "IVD",
        "id": "0911ad8e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-03-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "date": "2013-03-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60680"
      },
      {
        "date": "2013-03-15T00:00:00",
        "db": "BID",
        "id": "58545"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001990"
      },
      {
        "date": "2013-03-21T15:07:17",
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "date": "2013-03-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-446"
      },
      {
        "date": "2013-03-21T15:55:01.600000",
        "db": "NVD",
        "id": "CVE-2013-0678"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60680"
      },
      {
        "date": "2013-04-02T15:37:00",
        "db": "BID",
        "id": "58545"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001990"
      },
      {
        "date": "2013-03-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "date": "2013-03-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-446"
      },
      {
        "date": "2024-11-21T01:47:59.673000",
        "db": "NVD",
        "id": "CVE-2013-0678"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-446"
      }
    ],
    "trust": 1.3
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC And PCS 7 Multiple Security Vulnerabilities",
    "sources": [
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      }
    ],
    "trust": 0.9
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Trust management",
    "sources": [
      {
        "db": "IVD",
        "id": "0911ad8e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-446"
      }
    ],
    "trust": 0.8
  }
}

var-201407-0602
Vulnerability from variot

The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. Siemens SIMATIC WinCC and PCS7 are prone to an information-disclosure vulnerability. Siemens SIMATIC WinCC is the German Siemens ( Siemens ) The company's set of automated data collection and monitoring ( SCADA )system. The system provides process monitoring, data acquisition and other functions. PCS7 used with other products Siemens SIMATIC WinCC 7.3 previous version of WebNavigator There is a security hole in the server

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201407-0602",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": null,
        "scope": "eq",
        "trust": 2.4,
        "vendor": "wincc",
        "version": "6.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 2.4,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "6.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 1.2,
        "vendor": "wincc",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 1.2,
        "vendor": "wincc",
        "version": "7.1"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic pcs7",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic pcs7",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic pcs7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc",
        "version": "*"
      },
      {
        "model": "pcs7",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "6.2"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2da5658-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed"
      },
      {
        "db": "IVD",
        "id": "7d801221-463f-11e9-a98b-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04662"
      },
      {
        "db": "BID",
        "id": "68876"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003565"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-602"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4682"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003565"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai from Positive Technologies.",
    "sources": [
      {
        "db": "BID",
        "id": "68876"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2014-4682",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-4682",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-04662",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "e2da5658-2351-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "7d801221-463f-11e9-a98b-000c29342cb1",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-72623",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-4682",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-4682",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-04662",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201407-602",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "e2da5658-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "7d801221-463f-11e9-a98b-000c29342cb1",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-72623",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2da5658-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed"
      },
      {
        "db": "IVD",
        "id": "7d801221-463f-11e9-a98b-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04662"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72623"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003565"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-602"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4682"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. Siemens SIMATIC WinCC and PCS7 are prone to an information-disclosure vulnerability. Siemens SIMATIC WinCC is the German Siemens ( Siemens ) The company\u0027s set of automated data collection and monitoring ( SCADA )system. The system provides process monitoring, data acquisition and other functions.  PCS7 used with other products Siemens SIMATIC WinCC 7.3 previous version of WebNavigator There is a security hole in the server",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-4682"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003565"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04662"
      },
      {
        "db": "BID",
        "id": "68876"
      },
      {
        "db": "IVD",
        "id": "e2da5658-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed"
      },
      {
        "db": "IVD",
        "id": "7d801221-463f-11e9-a98b-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72623"
      }
    ],
    "trust": 3.06
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-4682",
        "trust": 4.1
      },
      {
        "db": "SIEMENS",
        "id": "SSA-214365",
        "trust": 2.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-602",
        "trust": 1.3
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04662",
        "trust": 1.2
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-205-02",
        "trust": 1.1
      },
      {
        "db": "BID",
        "id": "68876",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003565",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "60392",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "60388",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "E2DA5658-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "00716B3E-FF45-48A1-BC94-7CBFC25E11ED",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "7D801221-463F-11E9-A98B-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "127660",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-72623",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2da5658-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed"
      },
      {
        "db": "IVD",
        "id": "7d801221-463f-11e9-a98b-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04662"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72623"
      },
      {
        "db": "BID",
        "id": "68876"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003565"
      },
      {
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-602"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4682"
      }
    ]
  },
  "id": "VAR-201407-0602",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2da5658-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed"
      },
      {
        "db": "IVD",
        "id": "7d801221-463f-11e9-a98b-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04662"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72623"
      }
    ],
    "trust": 2.003642875
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2da5658-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed"
      },
      {
        "db": "IVD",
        "id": "7d801221-463f-11e9-a98b-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04662"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:31:17.561000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-214365",
        "trust": 0.8,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC and PCS7 WebNavigator Server Information Disclosure Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/47904"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-04662"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003565"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-72623"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003565"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4682"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf"
      },
      {
        "trust": 1.4,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4682"
      },
      {
        "trust": 1.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-205-02"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4682"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/68876"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/60388"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/60392"
      },
      {
        "trust": 0.3,
        "url": "http://www.siemens.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4684"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4683"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4685"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4686"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4682"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-04662"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72623"
      },
      {
        "db": "BID",
        "id": "68876"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003565"
      },
      {
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-602"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4682"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e2da5658-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed"
      },
      {
        "db": "IVD",
        "id": "7d801221-463f-11e9-a98b-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04662"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72623"
      },
      {
        "db": "BID",
        "id": "68876"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003565"
      },
      {
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-602"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4682"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-07-28T00:00:00",
        "db": "IVD",
        "id": "e2da5658-2351-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2014-07-28T00:00:00",
        "db": "IVD",
        "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed"
      },
      {
        "date": "2014-07-28T00:00:00",
        "db": "IVD",
        "id": "7d801221-463f-11e9-a98b-000c29342cb1"
      },
      {
        "date": "2014-07-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04662"
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-72623"
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "BID",
        "id": "68876"
      },
      {
        "date": "2014-07-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003565"
      },
      {
        "date": "2014-07-29T22:37:22",
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "date": "2014-07-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-602"
      },
      {
        "date": "2014-07-24T14:55:08.020000",
        "db": "NVD",
        "id": "CVE-2014-4682"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-07-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04662"
      },
      {
        "date": "2014-07-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-72623"
      },
      {
        "date": "2015-03-19T08:39:00",
        "db": "BID",
        "id": "68876"
      },
      {
        "date": "2014-08-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003565"
      },
      {
        "date": "2014-07-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-602"
      },
      {
        "date": "2024-11-21T02:10:41.677000",
        "db": "NVD",
        "id": "CVE-2014-4682"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-602"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC and PCS7 WebNavigator Server Information Disclosure Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-04662"
      },
      {
        "db": "BID",
        "id": "68876"
      }
    ],
    "trust": 0.9
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Information leakage",
    "sources": [
      {
        "db": "IVD",
        "id": "e2da5658-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "00716b3e-ff45-48a1-bc94-7cbfc25e11ed"
      },
      {
        "db": "IVD",
        "id": "7d801221-463f-11e9-a98b-000c29342cb1"
      }
    ],
    "trust": 0.6
  }
}

var-201905-0112
Vulnerability from variot

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The affected device offered SNMP read and write capacities with a publicly know hardcoded community string. The security vulnerability could be exploited by an attacker with network access to the affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains vulnerabilities related to authorization, permissions, and access control.Information may be obtained and information may be altered. Multiple Siemens Products are prone to following security vulnerabilities: 1. An information-disclosure vulnerability 2. A cross-site-scripting vulnerability 3. A security vulnerability An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC, etc. are all products of Siemens (Siemens) in Germany. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Siemens SIMATIC HMI Comfort Panels is a touch panel device. Siemens SIMATIC HMI Comfort Outdoor Panels is a touch panel device specially designed for outdoor use. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201905-0112",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc \\",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi mp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi op",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi tp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15"
      },
      {
        "model": "simatic hmi ktp mobile panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic hmi classic devices",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc runtime professional update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15.11"
      },
      {
        "model": "simatic wincc runtime advanced update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.11"
      },
      {
        "model": "simatic wincc update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15.11"
      },
      {
        "model": "simatic hmi ktp mobile update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.11"
      },
      {
        "model": "simatic hmi comfort panels update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.11"
      },
      {
        "model": "simatic hmi comfort outdoor panels update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.11"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004632"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6572"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_outdoor_panels_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004632"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens ProductCERT reported these vulnerabilities to NCCIC.,Siemens ProductCERT",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-590"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-6572",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2019-6572",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-158007",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-6572",
            "impactScore": 5.2,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 9.1,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2019-6572",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-6572",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-6572",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201905-590",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-158007",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158007"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004632"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-590"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6572"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The affected device offered SNMP read and write capacities with a publicly know hardcoded community string. The security vulnerability could be exploited by an attacker with network access to the affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains vulnerabilities related to authorization, permissions, and access control.Information may be obtained and information may be altered. Multiple Siemens Products are prone to following security vulnerabilities:\n1. An information-disclosure vulnerability\n2. A cross-site-scripting vulnerability\n3. A security vulnerability\nAn attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC, etc. are all products of Siemens (Siemens) in Germany. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Siemens SIMATIC HMI Comfort Panels is a touch panel device. Siemens SIMATIC HMI Comfort Outdoor Panels is a touch panel device specially designed for outdoor use. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-6572"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004632"
      },
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "VULHUB",
        "id": "VHN-158007"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-09",
        "trust": 2.8
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6572",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "108412",
        "trust": 2.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-804486",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004632",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-590",
        "trust": 0.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-02",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1716.2",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-54367",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-158007",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158007"
      },
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004632"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-590"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6572"
      }
    ]
  },
  "id": "VAR-201905-0112",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158007"
      }
    ],
    "trust": 0.7545892989999999
  },
  "last_update_date": "2024-11-23T21:37:16.658000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-804486",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
      },
      {
        "title": "Siemens SIMATIC Panels  and WinCC Repair measures for trust management problem vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92740"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004632"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-590"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-798",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-200",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-264",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158007"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004632"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6572"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.9,
        "url": "http://www.securityfocus.com/bid/108412"
      },
      {
        "trust": 2.5,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-09"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6572"
      },
      {
        "trust": 0.9,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.9,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-09"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6572"
      },
      {
        "trust": 0.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29288"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/80946"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158007"
      },
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004632"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-590"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6572"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-158007"
      },
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004632"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-590"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6572"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-158007"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108412"
      },
      {
        "date": "2019-06-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004632"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-590"
      },
      {
        "date": "2019-05-14T20:29:04.200000",
        "db": "NVD",
        "id": "CVE-2019-6572"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-10-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-158007"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108412"
      },
      {
        "date": "2019-07-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004632"
      },
      {
        "date": "2020-10-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-590"
      },
      {
        "date": "2024-11-21T04:46:43.653000",
        "db": "NVD",
        "id": "CVE-2019-6572"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-590"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  SIMATIC Vulnerabilities related to authorization, authority, and access control in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004632"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "trust management problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-590"
      }
    ],
    "trust": 0.6
  }
}

var-201202-0163
Vulnerability from variot

Directory traversal vulnerability in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to execute, read, create, modify, or delete arbitrary files via a .. (dot dot) in a string. plural Siemens Product runtime loader HmiLoad Is Transfer A directory traversal vulnerability exists when the mode is enabled.By a third party .. ( Dot dot ) Arbitrary files may be executed, read, created, modified, or deleted via strings containing. Miniweb has a security vulnerability that allows an attacker to submit a specially crafted HTTP POST request to allow the server to access any illegal memory area while checking the extension of the requested file. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. HmiLoad provides functions that read data and unicode strings with stack-based buffer overflows, allowing an attacker to exploit a vulnerability to execute arbitrary code. HmiLoad has multiple security vulnerabilities that allow an attacker to stop a service or crash a service in multiple ways. A directory traversal vulnerability exists in the HmiLoad server that allows reading, writing, and deleting arbitrary files outside of the specified directory. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. When the transfer mode is enabled, the runtime loader listens on the 2308/TCP or 50523/TCP port, but does not verify the submitted string, allowing the attacker to read and write any file in the file system. Attackers can exploit these issues to execute arbitrary code in the context of the affected application, read/write or delete arbitrary files outside of the server root directory, or cause denial-of-service conditions; other attacks may also be possible. (dots) in strings. ----------------------------------------------------------------------

Secunia is hiring!

Find your next job here:

http://secunia.com/company/jobs/


TITLE: Siemens SIMATIC WinCC Flexible HMI Miniweb Two Vulnerabilities

SECUNIA ADVISORY ID: SA46997

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46997/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46997

RELEASE DATE: 2011-11-30

DISCUSS ADVISORY: http://secunia.com/advisories/46997/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/46997/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=46997

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Luigi Auriemma has discovered two vulnerabilities in Siemens SIMATIC WinCC Flexible, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service).

1) An input sanitisation error in Miniweb.exe when handling HTTP GET requests can be exploited to download arbitrary files via directory traversal attacks sent in a web request.

2) An input validation error in Miniweb.exe when handling HTTP POST requests can be exploited to crash the process via specially crafted content sent in a web request.

The vulnerabilities are confirmed in version 2008 SP2 Upd13 (K01.03.02.13_01.02.00.01). Other versions may also be affected.

SOLUTION: Restrict access to trusted hosts only.

PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma

ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/winccflex_1-adv.txt

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201202-0163",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc flexible runtime",
        "scope": null,
        "trust": 3.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc flexible sp2",
        "scope": "eq",
        "trust": 3.3,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "mp"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "op"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "tp"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "comfort_panels"
      },
      {
        "model": "wincc runtime advanced",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "mobile_panels"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "wincc flexible runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "comfort panels"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "mobile panels"
      },
      {
        "model": "simatic wincc flexible rumtime",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi panels",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc flexible sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2004"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2005"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2007"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2008"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "v11"
      },
      {
        "model": "comfort panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mobile panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "op",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "tp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc runtime advanced",
        "version": "v11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible runtime",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28b71d12-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0466"
      },
      {
        "db": "BID",
        "id": "50828"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001318"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-091"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4876"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_hmi_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible_runtime",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001318"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Luigi Auriemma",
    "sources": [
      {
        "db": "BID",
        "id": "50828"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2011-4876",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2011-4876",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "28b71d12-2354-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-52821",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2011-4876",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2011-4876",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201202-091",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "28b71d12-2354-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-52821",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28b71d12-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52821"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001318"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-091"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4876"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Directory traversal vulnerability in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to execute, read, create, modify, or delete arbitrary files via a .. (dot dot) in a string. plural Siemens Product runtime loader HmiLoad Is Transfer A directory traversal vulnerability exists when the mode is enabled.By a third party .. ( Dot dot ) Arbitrary files may be executed, read, created, modified, or deleted via strings containing. Miniweb has a security vulnerability that allows an attacker to submit a specially crafted HTTP POST request to allow the server to access any illegal memory area while checking the extension of the requested file. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. HmiLoad provides functions that read data and unicode strings with stack-based buffer overflows, allowing an attacker to exploit a vulnerability to execute arbitrary code. HmiLoad has multiple security vulnerabilities that allow an attacker to stop a service or crash a service in multiple ways. A directory traversal vulnerability exists in the HmiLoad server that allows reading, writing, and deleting arbitrary files outside of the specified directory. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. When the transfer mode is enabled, the runtime loader listens on the 2308/TCP or 50523/TCP port, but does not verify the submitted string, allowing the attacker to read and write any file in the file system. \nAttackers can exploit these issues to execute arbitrary code in the context of the affected application, read/write or delete arbitrary files outside of the server root directory, or cause denial-of-service conditions; other attacks may also be possible. (dots) in strings. ----------------------------------------------------------------------\n\nSecunia is hiring!\n\nFind your next job here:\n\nhttp://secunia.com/company/jobs/\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Flexible HMI Miniweb Two Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA46997\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/46997/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46997\n\nRELEASE DATE:\n2011-11-30\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/46997/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/46997/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46997\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nLuigi Auriemma has discovered two vulnerabilities in Siemens SIMATIC\nWinCC Flexible, which can be exploited by malicious people to\ndisclose potentially sensitive information and cause a DoS (Denial of\nService). \n\n1) An input sanitisation error in Miniweb.exe when handling HTTP GET\nrequests can be exploited to download arbitrary files via directory\ntraversal attacks sent in a web request. \n\n2) An input validation error in Miniweb.exe when handling HTTP POST\nrequests can be exploited to crash the process via specially crafted\ncontent sent in a web request. \n\nThe vulnerabilities are confirmed in version 2008 SP2 Upd13\n(K01.03.02.13_01.02.00.01). Other versions may also be affected. \n\nSOLUTION:\nRestrict access to trusted hosts only. \n\nPROVIDED AND/OR DISCOVERED BY:\nLuigi Auriemma\n\nORIGINAL ADVISORY:\nhttp://aluigi.altervista.org/adv/winccflex_1-adv.txt\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-4876"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001318"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0466"
      },
      {
        "db": "BID",
        "id": "50828"
      },
      {
        "db": "IVD",
        "id": "28b71d12-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52821"
      },
      {
        "db": "PACKETSTORM",
        "id": "107419"
      }
    ],
    "trust": 5.49
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-52821",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52821"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "50828",
        "trust": 3.9
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4876",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01",
        "trust": 3.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-345442",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "46997",
        "trust": 1.2
      },
      {
        "db": "ICS CERT ALERT",
        "id": "ICS-ALERT-11-332-02A",
        "trust": 1.1
      },
      {
        "db": "ICS CERT ALERT",
        "id": "ICS-ALERT-11-332-02",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "77381",
        "trust": 1.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "18166",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-091",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0466",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001318",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-480",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01A",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "28B71D12-2354-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-52821",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "107419",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28b71d12-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0466"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52821"
      },
      {
        "db": "BID",
        "id": "50828"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001318"
      },
      {
        "db": "PACKETSTORM",
        "id": "107419"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-091"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4876"
      }
    ]
  },
  "id": "VAR-201202-0163",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "28b71d12-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0466"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52821"
      }
    ],
    "trust": 4.568457485714285
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 3.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28b71d12-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0466"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:46:29.307000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-345442",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "title": "\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC Flexible Runtime \u0027HmiLoad.exe\u0027 file download vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/72694"
      },
      {
        "title": "Siemens SIMATIC WinCC Flexible Runtime \u0027HmiLoad.exe\u0027 memory access vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/72697"
      },
      {
        "title": "Siemens SIMATIC WinCC Flexible Runtime \u0027HmiLoad.exe\u0027 Buffer Overflow Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/72705"
      },
      {
        "title": "Siemens SIMATIC WinCC Flexible Runtime \u0027HmiLoad.exe\u0027 service crash vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/72689"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC HMI Directory Traversal Vulnerability (CNVD-2012-0466)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/9072"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0466"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001318"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52821"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001318"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4876"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 4.0,
        "url": "http://aluigi.altervista.org/adv/winccflex_1-adv.txt"
      },
      {
        "trust": 3.4,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.exploit-db.com/exploits/18166"
      },
      {
        "trust": 1.1,
        "url": "http://aluigi.org/adv/winccflex_1-adv.txt"
      },
      {
        "trust": 1.1,
        "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-332-02.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-332-02a.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.osvdb.org/77381"
      },
      {
        "trust": 1.1,
        "url": "http://secunia.com/advisories/46997"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71450"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4876"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4876"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/50828"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/pages/default.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01a.pdf"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/company/jobs/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/46997/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46997"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/46997/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0466"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52821"
      },
      {
        "db": "BID",
        "id": "50828"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001318"
      },
      {
        "db": "PACKETSTORM",
        "id": "107419"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-091"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4876"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "28b71d12-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0466"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52821"
      },
      {
        "db": "BID",
        "id": "50828"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001318"
      },
      {
        "db": "PACKETSTORM",
        "id": "107419"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-091"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4876"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-02-07T00:00:00",
        "db": "IVD",
        "id": "28b71d12-2354-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0466"
      },
      {
        "date": "2012-02-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52821"
      },
      {
        "date": "2011-11-28T00:00:00",
        "db": "BID",
        "id": "50828"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001318"
      },
      {
        "date": "2011-11-30T03:40:12",
        "db": "PACKETSTORM",
        "id": "107419"
      },
      {
        "date": "1900-01-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-091"
      },
      {
        "date": "2012-02-03T20:55:01.937000",
        "db": "NVD",
        "id": "CVE-2011-4876"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-03-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "date": "2016-03-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "date": "2016-03-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "date": "2016-03-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0466"
      },
      {
        "date": "2017-08-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52821"
      },
      {
        "date": "2012-04-18T21:20:00",
        "db": "BID",
        "id": "50828"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001318"
      },
      {
        "date": "2011-11-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-091"
      },
      {
        "date": "2024-11-21T01:33:10.577000",
        "db": "NVD",
        "id": "CVE-2011-4876"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-091"
      }
    ],
    "trust": 1.2
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens Product  HmiLoad Vulnerable to directory traversal",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001318"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Path traversal",
    "sources": [
      {
        "db": "IVD",
        "id": "28b71d12-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-091"
      }
    ],
    "trust": 0.8
  }
}

var-201407-0606
Vulnerability from variot

The Project administration application in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, has a hardcoded encryption key, which allows remote attackers to obtain sensitive information by extracting this key from another product installation and then employing this key during the sniffing of network traffic on TCP port 1030. Supplementary information : CWE Vulnerability type by CWE-798: Use of Hard-coded Credentials ( Using hard-coded credentials ) Has been identified. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A privilege elevation vulnerability exists in Siemens SIMATIC WinCC and PCS7 that allows an attacker to exploit the vulnerability to gain administrative access on the affected device. Siemens SIMATIC WinCC and PCS7 are prone to a privilege-escalation vulnerability. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201407-0606",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": null,
        "scope": "eq",
        "trust": 2.4,
        "vendor": "wincc",
        "version": "6.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 2.4,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "6.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 1.2,
        "vendor": "wincc",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 1.2,
        "vendor": "wincc",
        "version": "7.1"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic pcs7",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic pcs7",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic pcs7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc",
        "version": "*"
      },
      {
        "model": "pcs7",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "6.2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ea209009-7fdb-4811-b130-403cdc16f255"
      },
      {
        "db": "IVD",
        "id": "7d720861-463f-11e9-a37c-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04643"
      },
      {
        "db": "BID",
        "id": "68875"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003569"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-606"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4686"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003569"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai from Positive Technologies.",
    "sources": [
      {
        "db": "BID",
        "id": "68875"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2014-4686",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2014-4686",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2014-04643",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "ea209009-7fdb-4811-b130-403cdc16f255",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "7d720861-463f-11e9-a37c-000c29342cb1",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-72627",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-4686",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-4686",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-04643",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201407-606",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "ea209009-7fdb-4811-b130-403cdc16f255",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "7d720861-463f-11e9-a37c-000c29342cb1",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-72627",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ea209009-7fdb-4811-b130-403cdc16f255"
      },
      {
        "db": "IVD",
        "id": "7d720861-463f-11e9-a37c-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04643"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72627"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003569"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-606"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4686"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Project administration application in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, has a hardcoded encryption key, which allows remote attackers to obtain sensitive information by extracting this key from another product installation and then employing this key during the sniffing of network traffic on TCP port 1030. Supplementary information : CWE Vulnerability type by CWE-798: Use of Hard-coded Credentials ( Using hard-coded credentials ) Has been identified. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A privilege elevation vulnerability exists in Siemens SIMATIC WinCC and PCS7 that allows an attacker to exploit the vulnerability to gain administrative access on the affected device. Siemens SIMATIC WinCC and PCS7 are prone to a privilege-escalation vulnerability. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-4686"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003569"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04643"
      },
      {
        "db": "BID",
        "id": "68875"
      },
      {
        "db": "IVD",
        "id": "ea209009-7fdb-4811-b130-403cdc16f255"
      },
      {
        "db": "IVD",
        "id": "7d720861-463f-11e9-a37c-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72627"
      }
    ],
    "trust": 3.06
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-4686",
        "trust": 4.2
      },
      {
        "db": "SIEMENS",
        "id": "SSA-214365",
        "trust": 2.3
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-606",
        "trust": 1.3
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04643",
        "trust": 1.2
      },
      {
        "db": "BID",
        "id": "68875",
        "trust": 1.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-205-02",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003569",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "60392",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "60388",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "EA209009-7FDB-4811-B130-403CDC16F255",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "7D720861-463F-11E9-A37C-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "E2CE69A6-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "130406",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-72627",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "127660",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ea209009-7fdb-4811-b130-403cdc16f255"
      },
      {
        "db": "IVD",
        "id": "7d720861-463f-11e9-a37c-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04643"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72627"
      },
      {
        "db": "BID",
        "id": "68875"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003569"
      },
      {
        "db": "PACKETSTORM",
        "id": "130406"
      },
      {
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-606"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4686"
      }
    ]
  },
  "id": "VAR-201407-0606",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "ea209009-7fdb-4811-b130-403cdc16f255"
      },
      {
        "db": "IVD",
        "id": "7d720861-463f-11e9-a37c-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04643"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72627"
      }
    ],
    "trust": 1.9749411600000002
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ea209009-7fdb-4811-b130-403cdc16f255"
      },
      {
        "db": "IVD",
        "id": "7d720861-463f-11e9-a37c-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04643"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:31:17.616000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-214365",
        "trust": 0.8,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC and PCS7 Privilege Escalation Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/47905"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-04643"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003569"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003569"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4686"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf"
      },
      {
        "trust": 1.4,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4686"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4686"
      },
      {
        "trust": 0.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-205-02"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/68875"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/60388"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/60392"
      },
      {
        "trust": 0.3,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4686"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1358"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4684"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4683"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4685"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4682"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-04643"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72627"
      },
      {
        "db": "BID",
        "id": "68875"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003569"
      },
      {
        "db": "PACKETSTORM",
        "id": "130406"
      },
      {
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-606"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4686"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "ea209009-7fdb-4811-b130-403cdc16f255"
      },
      {
        "db": "IVD",
        "id": "7d720861-463f-11e9-a37c-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04643"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72627"
      },
      {
        "db": "BID",
        "id": "68875"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003569"
      },
      {
        "db": "PACKETSTORM",
        "id": "130406"
      },
      {
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-606"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4686"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-07-28T00:00:00",
        "db": "IVD",
        "id": "ea209009-7fdb-4811-b130-403cdc16f255"
      },
      {
        "date": "2014-07-28T00:00:00",
        "db": "IVD",
        "id": "7d720861-463f-11e9-a37c-000c29342cb1"
      },
      {
        "date": "2014-07-28T00:00:00",
        "db": "IVD",
        "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2014-07-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04643"
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-72627"
      },
      {
        "date": "2014-07-23T00:00:00",
        "db": "BID",
        "id": "68875"
      },
      {
        "date": "2014-07-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003569"
      },
      {
        "date": "2015-02-16T17:36:59",
        "db": "PACKETSTORM",
        "id": "130406"
      },
      {
        "date": "2014-07-29T22:37:22",
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "date": "2014-07-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-606"
      },
      {
        "date": "2014-07-24T14:55:08.190000",
        "db": "NVD",
        "id": "CVE-2014-4686"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-07-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04643"
      },
      {
        "date": "2014-07-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-72627"
      },
      {
        "date": "2015-03-19T09:08:00",
        "db": "BID",
        "id": "68875"
      },
      {
        "date": "2014-08-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003569"
      },
      {
        "date": "2014-07-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-606"
      },
      {
        "date": "2024-11-21T02:10:42.220000",
        "db": "NVD",
        "id": "CVE-2014-4686"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "130406"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-606"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC PCS 7 Used in products such as  SIMATIC WinCC Vulnerabilities in which important information is obtained in project management applications",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003569"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Encryption issues",
    "sources": [
      {
        "db": "IVD",
        "id": "ea209009-7fdb-4811-b130-403cdc16f255"
      },
      {
        "db": "IVD",
        "id": "7d720861-463f-11e9-a37c-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2ce69a6-2351-11e6-abef-000c29c66e3d"
      }
    ],
    "trust": 0.6
  }
}

var-201303-0261
Vulnerability from variot

Directory traversal vulnerability in the web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote authenticated users to read arbitrary files via vectors involving a query for a pathname. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0261",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "6.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "6.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.0 sp1"
      },
      {
        "model": "simatic pcs sp1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003c8.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "090c28be-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001991"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-447"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0679"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001991"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies",
    "sources": [
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2013-0679",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2013-0679",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2013-02175",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "090c28be-2353-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "VHN-60681",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-0679",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-0679",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-02175",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201303-447",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "090c28be-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-60681",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "090c28be-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60681"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001991"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-447"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0679"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Directory traversal vulnerability in the web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote authenticated users to read arbitrary files via vectors involving a query for a pathname. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities\n2. A directory-traversal vulnerability\n3. Failed exploit attempts will result in a denial-of-service conditions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-0679"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001991"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "IVD",
        "id": "090c28be-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60681"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-0679",
        "trust": 3.1
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-13-079-02",
        "trust": 2.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-714398",
        "trust": 2.0
      },
      {
        "db": "BID",
        "id": "58545",
        "trust": 1.5
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-447",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001991",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "090C28BE-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-60681",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "120899",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "090c28be-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60681"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001991"
      },
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-447"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0679"
      }
    ]
  },
  "id": "VAR-201303-0261",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "090c28be-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60681"
      }
    ],
    "trust": 1.5048571666666666
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "090c28be-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:45:48.701000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/cc/en/"
      },
      {
        "title": "SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/answers/jp/ja/"
      },
      {
        "title": "Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/33002"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001991"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60681"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001991"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0679"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
      },
      {
        "trust": 2.0,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/bid/58545"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0679"
      },
      {
        "trust": 0.8,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0679"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0677"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0674"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0678"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0676"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0679"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0675"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60681"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001991"
      },
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-447"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0679"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "090c28be-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60681"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001991"
      },
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-447"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0679"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-22T00:00:00",
        "db": "IVD",
        "id": "090c28be-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-03-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "date": "2013-03-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60681"
      },
      {
        "date": "2013-03-15T00:00:00",
        "db": "BID",
        "id": "58545"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001991"
      },
      {
        "date": "2013-03-21T15:07:17",
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "date": "2013-03-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-447"
      },
      {
        "date": "2013-03-21T15:55:01.613000",
        "db": "NVD",
        "id": "CVE-2013-0679"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60681"
      },
      {
        "date": "2013-04-02T15:37:00",
        "db": "BID",
        "id": "58545"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001991"
      },
      {
        "date": "2013-03-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-447"
      },
      {
        "date": "2024-11-21T01:47:59.783000",
        "db": "NVD",
        "id": "CVE-2013-0679"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-447"
      }
    ],
    "trust": 1.3
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC And PCS 7 Multiple Security Vulnerabilities",
    "sources": [
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      }
    ],
    "trust": 0.9
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Path traversal",
    "sources": [
      {
        "db": "IVD",
        "id": "090c28be-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-447"
      }
    ],
    "trust": 0.8
  }
}

var-201306-0314
Vulnerability from variot

SQL injection vulnerability in the login screen in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. By operating the database, remote attackers can exploit this vulnerability to enhance their permissions. Depending on the system configuration, it is possible to obtain full system access rights and execute. Any SQL command

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201306-0314",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.0 sp1"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.2 update 1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.x"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "78.x"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e6a420b0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07609"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002982"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-247"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3957"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002982"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Alexander Tlyapov from Positive Technologies",
    "sources": [
      {
        "db": "BID",
        "id": "60558"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2013-3957",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2013-3957",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2013-07609",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "e6a420b0-2352-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-63959",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-3957",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-3957",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-07609",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201306-247",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e6a420b0-2352-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-63959",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e6a420b0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07609"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63959"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002982"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-247"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3957"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SQL injection vulnerability in the login screen in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. By operating the database, remote attackers can exploit this vulnerability to enhance their permissions. Depending on the system configuration, it is possible to obtain full system access rights and execute. Any SQL command",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-3957"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002982"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07609"
      },
      {
        "db": "BID",
        "id": "60558"
      },
      {
        "db": "IVD",
        "id": "e6a420b0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63959"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-3957",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-345843",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "53805",
        "trust": 1.2
      },
      {
        "db": "BID",
        "id": "60558",
        "trust": 1.0
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07609",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-247",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002982",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "E6A420B0-2352-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-63959",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e6a420b0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07609"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63959"
      },
      {
        "db": "BID",
        "id": "60558"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002982"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-247"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3957"
      }
    ]
  },
  "id": "VAR-201306-0314",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e6a420b0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07609"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63959"
      }
    ],
    "trust": 1.5048571666666666
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e6a420b0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07609"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:45:40.140000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-345843: Vulnerabilites in WinCC 7.2",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345843.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC/PCS 7 SQL Injection Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/34669"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-07609"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002982"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-89",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63959"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002982"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3957"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345843.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3957"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3957"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/53805/"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/53805"
      },
      {
        "trust": 0.3,
        "url": "http://subscriber.communications.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-07609"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63959"
      },
      {
        "db": "BID",
        "id": "60558"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002982"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-247"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3957"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e6a420b0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07609"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63959"
      },
      {
        "db": "BID",
        "id": "60558"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002982"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-247"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3957"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-06-19T00:00:00",
        "db": "IVD",
        "id": "e6a420b0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-06-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-07609"
      },
      {
        "date": "2013-06-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-63959"
      },
      {
        "date": "2013-06-14T00:00:00",
        "db": "BID",
        "id": "60558"
      },
      {
        "date": "2013-06-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-002982"
      },
      {
        "date": "2013-06-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201306-247"
      },
      {
        "date": "2013-06-14T19:55:01.233000",
        "db": "NVD",
        "id": "CVE-2013-3957"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-06-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-07609"
      },
      {
        "date": "2013-06-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-63959"
      },
      {
        "date": "2015-03-19T08:17:00",
        "db": "BID",
        "id": "60558"
      },
      {
        "date": "2013-06-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-002982"
      },
      {
        "date": "2013-07-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201306-247"
      },
      {
        "date": "2024-11-21T01:54:37.167000",
        "db": "NVD",
        "id": "CVE-2013-3957"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-247"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SIMATIC PCS 7 Used in  Siemens WinCC of  Web Navigator In  SQL Injection vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002982"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SQL injection",
    "sources": [
      {
        "db": "IVD",
        "id": "e6a420b0-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-247"
      }
    ],
    "trust": 0.8
  }
}

var-201905-1322
Vulnerability from variot

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with access to the project file could run arbitrary system commands with the privileges of the local database server. The vulnerability could be exploited by an attacker with access to the project file. The vulnerability does impact the confidentiality, integrity, and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An input validation error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC that was caused by a network system or product that did not properly validate the input data and could be exploited by an attacker to access project files. Siemens SIMATIC products are prone to following security vulnerabilities: 1. A denial-of-service vulnerability 2. An SQL injection vulnerability3. 3. An arbitrary command execution Exploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. The following Siemens SIMATIC products are affected: SIMATIC PCS 7 version 8.0 and prior SIMATIC PCS 7 version 8.1 SIMATIC PCS 7 version 8.2 SIMATIC PCS 7 version 9.0 SIMATIC WinCC (TIA Portal) version 13 SIMATIC WinCC (TIA Portal) version 14 SIMATIC WinCC (TIA Portal) version 15 SIMATIC WinCC Runtime Professional, all version SIMATIC WinCC version 7.2 and prior SIMATIC WinCC version 7.3 SIMATIC WinCC version 7.4 SIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201905-1322",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v14"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v15"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.1.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.3.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.5 upd3"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "13.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "14.x"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.0 and earlier"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.2.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.4.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "15.x"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.2 and earlier"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "9.0.x"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.1"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=7.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v9.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.3"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.4"
      },
      {
        "model": "simatic wincc upd3",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.5.*\u003cv7.5"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "6.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "79.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "77"
      },
      {
        "model": "simatic wincc update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.53"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "8.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "9.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.4"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "13.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "14.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "15.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc runtime professional",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5e23f13f-8869-4704-a7f2-72babe1680f8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10916"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vladimir Dashchenko and Sergey Temnikov from Kaspersky Lab, and ChengBin Wang from Guoli Security Technology, and ChengBin Wang from Guoli Security Technology reported these vulnerabilities to Siemens., CNCERT/CC",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-597"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-10916",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "CVE-2019-10916",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "CNVD-2019-14938",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "5e23f13f-8869-4704-a7f2-72babe1680f8",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "VHN-142510",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2019-10916",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2019-10916",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-10916",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-10916",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-14938",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201905-597",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "5e23f13f-8869-4704-a7f2-72babe1680f8",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142510",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5e23f13f-8869-4704-a7f2-72babe1680f8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142510"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-597"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10916"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions \u003c V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd 3). An attacker with access to the project file could run arbitrary system commands with the privileges of the local database server. The vulnerability could be exploited by an attacker with access to the project file. The vulnerability does impact the confidentiality, integrity, and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An input validation error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC that was caused by a network system or product that did not properly validate the input data and could be exploited by an attacker to access project files. Siemens SIMATIC products are prone to following security vulnerabilities:\n1. A denial-of-service vulnerability\n2. An SQL injection vulnerability3. \n3. An arbitrary command execution\nExploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. \nThe following Siemens SIMATIC products are affected:\nSIMATIC PCS 7 version 8.0 and prior\nSIMATIC PCS 7 version 8.1\nSIMATIC PCS 7 version 8.2\nSIMATIC PCS 7 version 9.0\nSIMATIC WinCC (TIA Portal) version 13\nSIMATIC WinCC (TIA Portal) version 14\nSIMATIC WinCC (TIA Portal) version 15\nSIMATIC WinCC Runtime Professional, all version\nSIMATIC WinCC version 7.2 and prior\nSIMATIC WinCC version 7.3\nSIMATIC WinCC version 7.4\nSIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10916"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "IVD",
        "id": "5e23f13f-8869-4704-a7f2-72babe1680f8"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142510"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-10916",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-08",
        "trust": 3.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-697412",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-597",
        "trust": 0.9
      },
      {
        "db": "BID",
        "id": "108404",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-02",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1716.2",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "5E23F13F-8869-4704-A7F2-72BABE1680F8",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-142510",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5e23f13f-8869-4704-a7f2-72babe1680f8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142510"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-597"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10916"
      }
    ]
  },
  "id": "VAR-201905-1322",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "5e23f13f-8869-4704-a7f2-72babe1680f8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142510"
      }
    ],
    "trust": 1.5496564849999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5e23f13f-8869-4704-a7f2-72babe1680f8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:37:16.618000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-697412",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC PCS 7 and SIMATIC WinCC Input Validation Error Vulnerability (NVD-C-2019-65203)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/161835"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-89",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142510"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10916"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-08"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"
      },
      {
        "trust": 1.5,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-08"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10916"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/bid/108404"
      },
      {
        "trust": 0.9,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10916"
      },
      {
        "trust": 0.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/80946"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29286"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142510"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-597"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10916"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "5e23f13f-8869-4704-a7f2-72babe1680f8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142510"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-597"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10916"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-21T00:00:00",
        "db": "IVD",
        "id": "5e23f13f-8869-4704-a7f2-72babe1680f8"
      },
      {
        "date": "2019-05-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142510"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108404"
      },
      {
        "date": "2019-06-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-597"
      },
      {
        "date": "2019-05-14T20:29:02.293000",
        "db": "NVD",
        "id": "CVE-2019-10916"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "date": "2019-10-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142510"
      },
      {
        "date": "2019-05-22T06:00:00",
        "db": "BID",
        "id": "108404"
      },
      {
        "date": "2019-07-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      },
      {
        "date": "2022-03-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-597"
      },
      {
        "date": "2024-11-21T04:20:08.653000",
        "db": "NVD",
        "id": "CVE-2019-10916"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-597"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  SIMATIC Vulnerability related to input validation in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SQL injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-597"
      }
    ],
    "trust": 0.6
  }
}

var-201202-0165
Vulnerability from variot

Directory traversal vulnerability in miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to read arbitrary files via a ..%5c (dot dot backslash) in a URI. plural Siemens Product HMI Web Server miniweb.exe Contains a directory traversal vulnerability.By a third party ..%5c ( Dot dot backslash ) including URI Any file may be read via. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. The HMI web server listening on TCP ports 80 and 443 does not correctly verify the URL in the HTTP request, and builds a URL containing a specially crafted slash to perform a directory traversal attack and read any file in the file system. Siemens SIMATIC WinCC is prone to an HTTP-header-injection issue, a directory-traversal issue, and an arbitrary memory-read access issue because the application fails to properly sanitize user-supplied input. A remote attacker can exploit these issues to gain elevated privileges, obtain sensitive information, or cause denial-of-service conditions. A remote attacker can exploit this vulnerability to read arbitrary files by means of ../ (dotted backslashes) in the URL

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201202-0165",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "mp"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "tp"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "op"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "comfort_panels"
      },
      {
        "model": "wincc runtime advanced",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "mobile_panels"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "wincc flexible runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "sp2 update 1"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11\\\\"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "comfort panels"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "mobile panels"
      },
      {
        "model": "simatic wincc flexible rumtime",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc flexible",
        "version": "2008"
      },
      {
        "model": "simatic hmi panels",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "v11"
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2004"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2005"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2007"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      },
      {
        "model": "comfort panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mobile panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "op",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "tp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc runtime advanced",
        "version": "v11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible runtime",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "2848847e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0468"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001320"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-093"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4878"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_hmi_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible_runtime",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001320"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "ICS-CERT",
    "sources": [
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-093"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2011-4878",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2011-4878",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "2848847e-2354-11e6-abef-000c29c66e3d",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-52823",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2011-4878",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2011-4878",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201202-093",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "2848847e-2354-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-52823",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "2848847e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52823"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001320"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-093"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4878"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Directory traversal vulnerability in miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to read arbitrary files via a ..%5c (dot dot backslash) in a URI. plural Siemens Product HMI Web Server miniweb.exe Contains a directory traversal vulnerability.By a third party ..%5c ( Dot dot backslash ) including URI Any file may be read via. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. The HMI web server listening on TCP ports 80 and 443 does not correctly verify the URL in the HTTP request, and builds a URL containing a specially crafted slash to perform a directory traversal attack and read any file in the file system. Siemens SIMATIC WinCC is prone to an HTTP-header-injection issue, a directory-traversal issue, and an arbitrary memory-read access issue because the application fails to properly sanitize user-supplied input. \nA remote attacker can exploit these issues to gain elevated privileges, obtain sensitive information, or cause denial-of-service conditions. A remote attacker can exploit this vulnerability to read arbitrary files by means of ../ (dotted backslashes) in the URL",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-4878"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001320"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0468"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "IVD",
        "id": "2848847e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52823"
      }
    ],
    "trust": 2.7
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-52823",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52823"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-4878",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01",
        "trust": 3.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-345442",
        "trust": 1.7
      },
      {
        "db": "ICS CERT ALERT",
        "id": "ICS-ALERT-11-332-02A",
        "trust": 1.1
      },
      {
        "db": "ICS CERT ALERT",
        "id": "ICS-ALERT-11-332-02",
        "trust": 1.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "18166",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "77383",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-093",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0468",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001320",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "18633",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01A",
        "trust": 0.3
      },
      {
        "db": "BID",
        "id": "51836",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "2848847E-2354-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-52823",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "2848847e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0468"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52823"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001320"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-093"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4878"
      }
    ]
  },
  "id": "VAR-201202-0165",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "2848847e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0468"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52823"
      }
    ],
    "trust": 1.5153960400000002
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "2848847e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0468"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:46:29.262000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-345442",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "title": "\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC HMI Directory Traversal Vulnerability (CNVD-2012-0468)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/9074"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-0468"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001320"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52823"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001320"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4878"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.4,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.exploit-db.com/exploits/18166"
      },
      {
        "trust": 1.1,
        "url": "http://aluigi.org/adv/winccflex_1-adv.txt"
      },
      {
        "trust": 1.1,
        "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-332-02.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-332-02a.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.osvdb.org/77383"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71452"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4878"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4878"
      },
      {
        "trust": 0.6,
        "url": "http://aluigi.altervista.org/adv/winccflex_1-adv.txt"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/18633"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/pages/default.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01a.pdf"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-0468"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52823"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001320"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-093"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4878"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "2848847e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0468"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52823"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001320"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-093"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4878"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-02-07T00:00:00",
        "db": "IVD",
        "id": "2848847e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0468"
      },
      {
        "date": "2012-02-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52823"
      },
      {
        "date": "2012-02-02T00:00:00",
        "db": "BID",
        "id": "51836"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001320"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-093"
      },
      {
        "date": "2012-02-03T20:55:02.030000",
        "db": "NVD",
        "id": "CVE-2011-4878"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0468"
      },
      {
        "date": "2017-08-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52823"
      },
      {
        "date": "2012-04-18T21:20:00",
        "db": "BID",
        "id": "51836"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001320"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-093"
      },
      {
        "date": "2024-11-21T01:33:11.850000",
        "db": "NVD",
        "id": "CVE-2011-4878"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-093"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens Product  HMI Web Server traversal vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001320"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Path traversal",
    "sources": [
      {
        "db": "IVD",
        "id": "2848847e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-093"
      }
    ],
    "trust": 0.8
  }
}

var-201702-0669
Vulnerability from variot

Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication. SIMATIC WinCC, SIMATIC PCS 7, SIMATIC PDM and SIMATIC IT are all industrial automation products from Siemens AG.

There is a certification bypass vulnerability in SIEMENS SIMATIC Logon. An attacker could exploit the vulnerability to bypass authentication mechanisms and perform unauthorized operations. This may aid in further attacks. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. A security vulnerability exists in versions prior to SIMATIC Logon 1.5 SP3 Update 2 in several Siemens SIMATIC products. The following products and versions are affected: Siemens SIMATIC WinCC Version 7.x; SIMATIC WinCC Runtime Professional; SIMATIC PCS 7; SIMATIC PDM; SIMATIC IT

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201702-0669",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic logon",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.5"
      },
      {
        "model": "simatic logon",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "1.5 sp3 update 2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.x"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7"
      },
      {
        "model": "simatic pdm",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic it",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic logon",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1.5"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.41"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.32"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.310"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.31"
      },
      {
        "model": "simatic wincc upd4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.29"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.28"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.21"
      },
      {
        "model": "simatic wincc upd4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc upd11",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc sp3 upd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.08"
      },
      {
        "model": "simatic wincc sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc sp2 upd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.012"
      },
      {
        "model": "simatic wincc sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc sp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.03"
      },
      {
        "model": "simatic wincc sp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.02"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic pdm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.2"
      },
      {
        "model": "simatic pcs sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.1"
      },
      {
        "model": "simatic pcs sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78"
      },
      {
        "model": "simatic pcs sp4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "77.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "77.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "77"
      },
      {
        "model": "simatic logon",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic it",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic logon sp3 update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1.52"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic logon",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01343"
      },
      {
        "db": "BID",
        "id": "96208"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002227"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-612"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2684"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_logon",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002227"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported the issue.",
    "sources": [
      {
        "db": "BID",
        "id": "96208"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-2684",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2017-2684",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "id": "CNVD-2017-01343",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-110887",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.2,
            "id": "CVE-2017-2684",
            "impactScore": 6.0,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-2684",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-2684",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-01343",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201702-612",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-110887",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01343"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110887"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002227"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-612"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2684"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication. SIMATIC WinCC, SIMATIC PCS 7, SIMATIC PDM and SIMATIC IT are all industrial automation products from Siemens AG. \n\nThere is a certification bypass vulnerability in SIEMENS SIMATIC Logon. An attacker could exploit the vulnerability to bypass authentication mechanisms and perform unauthorized operations. This may aid in further attacks. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. A security vulnerability exists in versions prior to SIMATIC Logon 1.5 SP3 Update 2 in several Siemens SIMATIC products. The following products and versions are affected: Siemens SIMATIC WinCC Version 7.x; SIMATIC WinCC Runtime Professional; SIMATIC PCS 7; SIMATIC PDM; SIMATIC IT",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-2684"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002227"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01343"
      },
      {
        "db": "BID",
        "id": "96208"
      },
      {
        "db": "IVD",
        "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110887"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-2684",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-931064",
        "trust": 2.3
      },
      {
        "db": "BID",
        "id": "96208",
        "trust": 2.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-045-03",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-612",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01343",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002227",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "9BC72032-E004-41AC-BCE6-0E6FF85B8945",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-110887",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01343"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110887"
      },
      {
        "db": "BID",
        "id": "96208"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002227"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-612"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2684"
      }
    ]
  },
  "id": "VAR-201702-0669",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01343"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110887"
      }
    ],
    "trust": 1.5551800569999998
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01343"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:18:06.049000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-931064",
        "trust": 0.8,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf"
      },
      {
        "title": "Patch for SIEMENS SIMATIC Logon Certification Bypass Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/176385"
      },
      {
        "title": "Multiple Siemens SIMATIC Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68203"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-01343"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002227"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-612"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-592",
        "trust": 1.0
      },
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-284",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110887"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002227"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2684"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/96208"
      },
      {
        "trust": 1.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-045-03"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2684"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2684"
      },
      {
        "trust": 0.6,
        "url": "http://www.siemens.com/cert/en/cert-security-advisories.htm"
      },
      {
        "trust": 0.3,
        "url": "http://www.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-01343"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110887"
      },
      {
        "db": "BID",
        "id": "96208"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002227"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-612"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2684"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01343"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110887"
      },
      {
        "db": "BID",
        "id": "96208"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002227"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-612"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2684"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-02-14T00:00:00",
        "db": "IVD",
        "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945"
      },
      {
        "date": "2017-02-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-01343"
      },
      {
        "date": "2017-02-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110887"
      },
      {
        "date": "2017-02-14T00:00:00",
        "db": "BID",
        "id": "96208"
      },
      {
        "date": "2017-04-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-002227"
      },
      {
        "date": "2017-02-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201702-612"
      },
      {
        "date": "2017-02-22T02:59:00.153000",
        "db": "NVD",
        "id": "CVE-2017-2684"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-08-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-01343"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110887"
      },
      {
        "date": "2017-03-07T04:02:00",
        "db": "BID",
        "id": "96208"
      },
      {
        "date": "2017-09-11T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-002227"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201702-612"
      },
      {
        "date": "2024-11-21T03:23:58.447000",
        "db": "NVD",
        "id": "CVE-2017-2684"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-612"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC Logon Vulnerabilities that bypass application-level authentication",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002227"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-612"
      }
    ],
    "trust": 0.6
  }
}

var-202108-2032
Vulnerability from variot

In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer. The Local Discovery Server provides the necessary infrastructure to publicly expose the OPC UA servers available on a given computer

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202108-2032",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic process historian opc ua server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2022"
      },
      {
        "model": "simatic wincc runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic net pc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "17"
      },
      {
        "model": "local discover server",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "opcfoundation",
        "version": "1.04.402.463"
      },
      {
        "model": "simatic net pc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic net pc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic net pc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic process historian opc ua server",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2022"
      },
      {
        "model": "telecontrol server basic",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic wincc unified scada runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "local discovery server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "opc",
        "version": null
      },
      {
        "model": "local discovery server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "opc",
        "version": "1.04.402.463"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40142"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported this vulnerability to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-40142",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2021-40142",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-397219",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-40142",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "OTHER",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2021-010007",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-40142",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "cve@mitre.org",
            "id": "CVE-2021-40142",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-40142",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202108-2640",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-397219",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-40142",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-397219"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-40142"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40142"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40142"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer. The Local Discovery Server provides the necessary infrastructure to publicly expose the OPC UA servers available on a given computer",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-40142"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "db": "VULHUB",
        "id": "VHN-397219"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-40142"
      }
    ],
    "trust": 1.8
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-40142",
        "trust": 3.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-321292",
        "trust": 1.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2640",
        "trust": 0.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-132-12",
        "trust": 0.7
      },
      {
        "db": "CS-HELP",
        "id": "SB2022051720",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-397219",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-40142",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-397219"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-40142"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40142"
      }
    ]
  },
  "id": "VAR-202108-2032",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-397219"
      }
    ],
    "trust": 0.71451395
  },
  "last_update_date": "2024-11-23T22:57:56.546000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Security\u00a0Update\u00a0for\u00a0Local\u00a0Discovery\u00a0Server\u00a0(LDS) OPC\u00a0Foundation\u00a0Security\u00a0Bulletin",
        "trust": 0.8,
        "url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf"
      },
      {
        "title": "Local Discovery Server Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=161299"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.1
      },
      {
        "problemtype": "Buffer error (CWE-119) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-397219"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40142"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf"
      },
      {
        "trust": 1.8,
        "url": "https://files.opcfoundation.org/securitybulletins/opc%20foundation%20security%20bulletin%20cve-2021-40142.pdf"
      },
      {
        "trust": 1.8,
        "url": "https://opcfoundation.org/security-bulletins/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40142"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/siemens-simatic-denial-of-service-via-opc-foundation-local-discovery-server-38294"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-132-12"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022051720"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/119.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2021-40142"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-12"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-397219"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-40142"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40142"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-397219"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-40142"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40142"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-08-27T00:00:00",
        "db": "VULHUB",
        "id": "VHN-397219"
      },
      {
        "date": "2021-08-27T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-40142"
      },
      {
        "date": "2022-06-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "date": "2021-08-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      },
      {
        "date": "2021-08-27T07:15:08.630000",
        "db": "NVD",
        "id": "CVE-2021-40142"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-09-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-397219"
      },
      {
        "date": "2022-09-03T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-40142"
      },
      {
        "date": "2022-06-13T08:39:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      },
      {
        "date": "2022-05-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      },
      {
        "date": "2024-11-21T06:23:38.860000",
        "db": "NVD",
        "id": "CVE-2021-40142"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "OPC\u00a0Foundation\u00a0Local\u00a0Discovery\u00a0Server\u00a0 Buffer error vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-010007"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2640"
      }
    ],
    "trust": 0.6
  }
}

var-201202-0166
Vulnerability from variot

miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not properly handle URIs beginning with a 0xfa character, which allows remote attackers to read data from arbitrary memory locations or cause a denial of service (application crash) via a crafted POST request. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. The HMI web server does not properly validate the HTTP request. The first byte in the URL is manipulated. Siemens SIMATIC WinCC is prone to an HTTP-header-injection issue, a directory-traversal issue, and an arbitrary memory-read access issue because the application fails to properly sanitize user-supplied input. A remote attacker can exploit these issues to gain elevated privileges, obtain sensitive information, or cause denial-of-service conditions. The vulnerability stems from the failure of miniweb.exe in the HMI web server to correctly handle URLs starting with the 0xfa character

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201202-0166",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "mp"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "tp"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "op"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "comfort_panels"
      },
      {
        "model": "wincc runtime advanced",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "mobile_panels"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "wincc flexible runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "sp2 update 1"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11\\\\"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "comfort panels"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "mobile panels"
      },
      {
        "model": "simatic wincc flexible rumtime",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc flexible",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi panels",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "v11"
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2004"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2005"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2007"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      },
      {
        "model": "comfort panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mobile panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "op",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "tp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc runtime advanced",
        "version": "v11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible runtime",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28903b3e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4879"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_hmi_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible_runtime",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "ICS-CERT",
    "sources": [
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2011-4879",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2011-4879",
            "impactScore": 7.8,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "28903b3e-2354-11e6-abef-000c29c66e3d",
            "impactScore": 7.8,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-52824",
            "impactScore": 7.8,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2011-4879",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2011-4879",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201202-094",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "28903b3e-2354-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-52824",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28903b3e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52824"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4879"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not properly handle URIs beginning with a 0xfa character, which allows remote attackers to read data from arbitrary memory locations or cause a denial of service (application crash) via a crafted POST request. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. The HMI web server does not properly validate the HTTP request. The first byte in the URL is manipulated. Siemens SIMATIC WinCC is prone to an HTTP-header-injection issue, a directory-traversal issue, and an arbitrary memory-read access issue because the application fails to properly sanitize user-supplied input. \nA remote attacker can exploit these issues to gain elevated privileges, obtain sensitive information, or cause denial-of-service conditions. The vulnerability stems from the failure of miniweb.exe in the HMI web server to correctly handle URLs starting with the 0xfa character",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-4879"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "IVD",
        "id": "28903b3e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52824"
      }
    ],
    "trust": 2.7
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-52824",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52824"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-4879",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01",
        "trust": 3.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-345442",
        "trust": 1.7
      },
      {
        "db": "ICS CERT ALERT",
        "id": "ICS-ALERT-11-332-02A",
        "trust": 1.1
      },
      {
        "db": "ICS CERT ALERT",
        "id": "ICS-ALERT-11-332-02",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "77384",
        "trust": 1.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "18166",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-094",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0469",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "18633",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01A",
        "trust": 0.3
      },
      {
        "db": "BID",
        "id": "51836",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "28903B3E-2354-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-52824",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28903b3e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52824"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4879"
      }
    ]
  },
  "id": "VAR-201202-0166",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "28903b3e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52824"
      }
    ],
    "trust": 1.5153960400000002
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28903b3e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:46:29.417000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-345442",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "title": "\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC HMI Vulnerability (CNVD-2012-0469)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/9075"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52824"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4879"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.4,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.exploit-db.com/exploits/18166"
      },
      {
        "trust": 1.1,
        "url": "http://aluigi.org/adv/winccflex_1-adv.txt"
      },
      {
        "trust": 1.1,
        "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-332-02.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-332-02a.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.osvdb.org/77384"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71453"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4879"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4879"
      },
      {
        "trust": 0.6,
        "url": "http://aluigi.altervista.org/adv/winccflex_1-adv.txt"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/18633"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/pages/default.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01a.pdf"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52824"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4879"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "28903b3e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52824"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4879"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-02-07T00:00:00",
        "db": "IVD",
        "id": "28903b3e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      },
      {
        "date": "2012-02-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52824"
      },
      {
        "date": "2012-02-02T00:00:00",
        "db": "BID",
        "id": "51836"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      },
      {
        "date": "2012-02-03T20:55:02.077000",
        "db": "NVD",
        "id": "CVE-2011-4879"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0469"
      },
      {
        "date": "2017-08-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52824"
      },
      {
        "date": "2012-04-18T21:20:00",
        "db": "BID",
        "id": "51836"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      },
      {
        "date": "2024-11-21T01:33:12.360000",
        "db": "NVD",
        "id": "CVE-2011-4879"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens Product  HMI Web Vulnerability to read data from arbitrary memory locations on the server",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001321"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation",
    "sources": [
      {
        "db": "IVD",
        "id": "28903b3e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-094"
      }
    ],
    "trust": 0.8
  }
}

var-202405-0210
Vulnerability from variot

A vulnerability has been identified in S7-PCT (All versions), Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions < V5.0 SP2), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions < V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions < V18 SP1), SIMATIC NET PC Software V19 (All versions < V19 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PDM V9.2 (All versions < V9.2 SP2 Upd3), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 Upd3), SIMATIC STEP 7 V5 (All versions), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions < V3.18 P025), SIMATIC WinCC OA V3.19 (All versions < V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC Unified PC Runtime V18 (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5), SINAMICS Startdrive (All versions < V19 SP1), SINEC NMS (All versions < V3.0), SINEC NMS (All versions < V3.0 SP1), SINUMERIK ONE virtual (All versions < V6.23), SINUMERIK PLC Programming Tool (All versions < V3.3.12), TIA Portal Cloud Connector (All versions < V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 2). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel. S7 PCT (Port Configuration Tool) is a PC-based software for parameterizing Siemens IO-Link master modules and third-party IO-Link devices. Security Configuration Tool (SCT) is an engineering software for safety devices such as SCALANCE-S or CP 443-1Advanced. SIMATIC Automation Tool allows commissioning, adjustment and service in combination with S7-1200 and S7-1500 controllers without an engineering framework. SIMATIC NET PC software is a separately sold software product for implementing communication products for SIMATIC.NET. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components. SIMATIC PDM (Process Device Manager) is a universal, manufacturer-independent tool for configuration, parameter assignment, commissioning, diagnostics and maintenance of intelligent process devices (actuators, sensors) and automation components (remote I/O, multiplexers, process control units, compact controllers). SIMATIC STEP 7 V5 is the classic engineering software for configuring and programming SIMATIC S7-300/S7-400/C7/WinAC controllers. SIMATIC WinCC is a Supervisory Control and Data Acquisition (SCADA) system. SIMATIC WinCC Open Architecture (OA) is part of the SIMATIC HMI family. It is designed for applications that require a high degree of customer-specific adaptability, large or complex applications, and projects that impose specific system requirements or functions. SIMATIC WinCC Runtime Advanced is a visualization runtime platform for operator control and monitoring of machines and plants. SIMATIC WinCC Runtime Professional is a visualization runtime platform for operator control and monitoring of machines and plants. SIMATIC WinCC Unified PC Runtime is a new visualization runtime platform for operator control and monitoring of machines and plants. SINAMICS Startdrive commissioning software is the engineering tool for integrating SINAMICS drives in the TIA Portal. SINUMERIK CNC provides automation solutions for workshops, shop floors and large serial production environments. SINUMERIK ONE is a digital native CNC system. Totally Integrated Automation Portal (TIA Portal) is a PC software that provides the complete range of Siemens digital automation services, from digital planning and integrated engineering to transparent operation. TIA Portal Cloud Connector enables access to local PG/PC interfaces and connected SIMATIC hardware from TIA Portal Engineering when engineering via remote desktop on a private cloud server

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202405-0210",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "security configuration tool",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic automation tool",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic net pc software",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc oa",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v3.17"
      },
      {
        "model": "totally integrated automation portal",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v16"
      },
      {
        "model": "totally integrated automation portal",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v17"
      },
      {
        "model": "totally integrated automation portal",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v18"
      },
      {
        "model": "totally integrated automation portal",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v15.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v9.1"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v17"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v18"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v19"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.0"
      },
      {
        "model": "totally integrated automation portal update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v19\u003cv192"
      },
      {
        "model": "tia portal cloud connector",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v2.0"
      },
      {
        "model": "sinumerik plc programming tool",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinumerik one virtual",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v6.23"
      },
      {
        "model": "sinamics startdrive sp1",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v19"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.5"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.4"
      },
      {
        "model": "simatic wincc unified pc runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v16"
      },
      {
        "model": "simatic wincc oa p010",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v3.19\u003cv3.19"
      },
      {
        "model": "simatic wincc oa p025",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v3.18\u003cv3.18"
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v5"
      },
      {
        "model": "simatic route control",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v9.1"
      },
      {
        "model": "simatic pdm",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v9.2"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v9.1"
      },
      {
        "model": "s7-pct",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      }
    ]
  },
  "cve": "CVE-2023-46280",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.6,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.1,
            "id": "CNVD-2024-24524",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "productcert@siemens.com",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.0,
            "id": "CVE-2023-46280",
            "impactScore": 4.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2023-46280",
            "trust": 1.0,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2024-24524",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-46280"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in S7-PCT (All versions), Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions \u003c V5.0 SP2), SIMATIC BATCH V9.1 (All versions \u003c V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions \u003c V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions \u003c V18 SP1), SIMATIC NET PC Software V19 (All versions \u003c V19 Update 2), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC PDM V9.2 (All versions \u003c V9.2 SP2 Upd3), SIMATIC Route Control V9.1 (All versions \u003c V9.1 SP2 Upd3), SIMATIC STEP 7 V5 (All versions), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions \u003c V3.18 P025), SIMATIC WinCC OA V3.19 (All versions \u003c V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions), SIMATIC WinCC Runtime Professional V16 (All versions \u003c V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions \u003c V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions \u003c V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions \u003c V19 Update 2), SIMATIC WinCC Unified PC Runtime V18 (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions \u003c V8.0 Update 5), SINAMICS Startdrive (All versions \u003c V19 SP1), SINEC NMS (All versions \u003c V3.0), SINEC NMS (All versions \u003c V3.0 SP1), SINUMERIK ONE virtual (All versions \u003c V6.23), SINUMERIK PLC Programming Tool (All versions \u003c V3.3.12), TIA Portal Cloud Connector (All versions \u003c V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions \u003c V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions \u003c V19 Update 2). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel. S7 PCT (Port Configuration Tool) is a PC-based software for parameterizing Siemens IO-Link master modules and third-party IO-Link devices. Security Configuration Tool (SCT) is an engineering software for safety devices such as SCALANCE-S or CP 443-1Advanced. SIMATIC Automation Tool allows commissioning, adjustment and service in combination with S7-1200 and S7-1500 controllers without an engineering framework. SIMATIC NET PC software is a separately sold software product for implementing communication products for SIMATIC.NET. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components. SIMATIC PDM (Process Device Manager) is a universal, manufacturer-independent tool for configuration, parameter assignment, commissioning, diagnostics and maintenance of intelligent process devices (actuators, sensors) and automation components (remote I/O, multiplexers, process control units, compact controllers). SIMATIC STEP 7 V5 is the classic engineering software for configuring and programming SIMATIC S7-300/S7-400/C7/WinAC controllers. SIMATIC WinCC is a Supervisory Control and Data Acquisition (SCADA) system. SIMATIC WinCC Open Architecture (OA) is part of the SIMATIC HMI family. It is designed for applications that require a high degree of customer-specific adaptability, large or complex applications, and projects that impose specific system requirements or functions. SIMATIC WinCC Runtime Advanced is a visualization runtime platform for operator control and monitoring of machines and plants. SIMATIC WinCC Runtime Professional is a visualization runtime platform for operator control and monitoring of machines and plants. SIMATIC WinCC Unified PC Runtime is a new visualization runtime platform for operator control and monitoring of machines and plants. SINAMICS Startdrive commissioning software is the engineering tool for integrating SINAMICS drives in the TIA Portal. SINUMERIK CNC provides automation solutions for workshops, shop floors and large serial production environments. SINUMERIK ONE is a digital native CNC system. Totally Integrated Automation Portal (TIA Portal) is a PC software that provides the complete range of Siemens digital automation services, from digital planning and integrated engineering to transparent operation. TIA Portal Cloud Connector enables access to local PG/PC interfaces and connected SIMATIC hardware from TIA Portal Engineering when engineering via remote desktop on a private cloud server",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-46280"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      }
    ],
    "trust": 1.44
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "SIEMENS",
        "id": "SSA-962515",
        "trust": 1.6
      },
      {
        "db": "NVD",
        "id": "CVE-2023-46280",
        "trust": 1.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-784301",
        "trust": 1.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-331112",
        "trust": 1.0
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-46280"
      }
    ]
  },
  "id": "VAR-202405-0210",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      }
    ],
    "trust": 1.2706952166666667
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      }
    ]
  },
  "last_update_date": "2024-11-13T19:49:07.316000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Siemens Industrial Products Out-of-Bounds Read Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/547666"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-125",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-46280"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-962515.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-331112.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-46280"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-46280"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-05-30T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      },
      {
        "date": "2024-05-14T16:15:40.800000",
        "db": "NVD",
        "id": "CVE-2023-46280"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-05-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      },
      {
        "date": "2024-11-12T13:15:05.960000",
        "db": "NVD",
        "id": "CVE-2023-46280"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens Industrial Products Out-of-Bounds Read Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      }
    ],
    "trust": 0.6
  }
}

var-201303-0255
Vulnerability from variot

Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0255",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc tia portal",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "11.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc tia portal",
        "version": "11.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "091d3190-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001986"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-441"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0672"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001986"
      }
    ]
  },
  "cve": "CVE-2013-0672",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.8,
            "id": "CVE-2013-0672",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.8,
            "id": "091d3190-2353-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.8,
            "id": "VHN-60674",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-0672",
            "trust": 1.0,
            "value": "LOW"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-0672",
            "trust": 0.8,
            "value": "Low"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201303-441",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "IVD",
            "id": "091d3190-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-60674",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "091d3190-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60674"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001986"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-441"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0672"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-0672"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001986"
      },
      {
        "db": "IVD",
        "id": "091d3190-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60674"
      }
    ],
    "trust": 1.89
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-0672",
        "trust": 2.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-13-079-03",
        "trust": 2.5
      },
      {
        "db": "SIEMENS",
        "id": "SSA-212483",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-441",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001986",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "091D3190-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-60674",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "091d3190-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60674"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001986"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-441"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0672"
      }
    ]
  },
  "id": "VAR-201303-0255",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "091d3190-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60674"
      }
    ],
    "trust": 0.9086316000000001
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "091d3190-2353-11e6-abef-000c29c66e3d"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:08:32.550000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/cc/en/"
      },
      {
        "title": "SSA-212483: Vulnerabilities in WinCC (TIA Portal) V11",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/answers/jp/ja/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001986"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-79",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60674"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001986"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0672"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-03.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0672"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0672"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60674"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001986"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-441"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0672"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "091d3190-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60674"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001986"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-441"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0672"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-22T00:00:00",
        "db": "IVD",
        "id": "091d3190-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-03-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60674"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001986"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-441"
      },
      {
        "date": "2013-03-21T14:55:01.547000",
        "db": "NVD",
        "id": "CVE-2013-0672"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60674"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001986"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-441"
      },
      {
        "date": "2024-11-21T01:47:59.007000",
        "db": "NVD",
        "id": "CVE-2013-0672"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-441"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens WinCC HMI web Cross-Site Scripting Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "091d3190-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-441"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "XSS",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-441"
      }
    ],
    "trust": 0.6
  }
}

var-201705-3974
Vulnerability from variot

A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the "administrators" group to crash services by sending specially crafted messages to the DCOM interface. Siemens SIMATIC WinCC and SIMATIC WinCC Runtime Professional are industrial automation products from Siemens AG. SIMATIC WinCC is a monitoring and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is the control and monitoring of the operator's visual runtime platform machines and equipment. Multiple SIMATIC WinCC Products are prone to a denial-of-service vulnerability. The following products are vulnerable: SIMATIC WinCC 7.3 versions prior to 7.3 Update 11 SIMATIC WinCC 7.4 versions prior to 7.4 SP1 SIMATIC WinCC Runtime Professional 13 versions prior to 13 SP2 SIMATIC WinCC Runtime Professional 14 versions prior to 14 SP1 SIMATIC WinCC (TIA Portal) Professional 13 versions prior to 13 SP2 SIMATIC WinCC (TIA Portal) Professional 14 versions prior to 14 SP1. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. Security vulnerabilities exist in several Siemens products

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201705-3974",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc runtime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "14 sp1"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.3 update 11"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.4 sp1"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "14 sp1"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "13 sp2"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "13 sp2"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc upd",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.311"
      },
      {
        "model": "simatic wincc sp1",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.4"
      },
      {
        "model": "simatic wincc runtime professional sp2",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic wincc runtime professional sp1",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v14"
      },
      {
        "model": "simatic wincc professional sp2",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic wincc professional sp1",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v14"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.32"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.310"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.31"
      },
      {
        "model": "simatic wincc runtime professional sp1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc runtime professional sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc professional sp1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc professional sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc sp1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.311"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.4"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "13"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "14"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc runtime",
        "version": "13"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc runtime",
        "version": "14"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06154"
      },
      {
        "db": "BID",
        "id": "98368"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004058"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-630"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6867"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004058"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sergey Temnikov and Vladimir Dashchenko of the Kaspersky Lab Critical Infrastructure Defense Team",
    "sources": [
      {
        "db": "BID",
        "id": "98368"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-6867",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.0,
            "id": "CVE-2017-6867",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-06154",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.0,
            "id": "VHN-115070",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 1.2,
            "id": "CVE-2017-6867",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-6867",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-6867",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-06154",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201703-630",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-115070",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06154"
      },
      {
        "db": "VULHUB",
        "id": "VHN-115070"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004058"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-630"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6867"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the \"administrators\" group to crash services by sending specially crafted messages to the DCOM interface. Siemens SIMATIC WinCC and SIMATIC WinCC Runtime Professional are industrial automation products from Siemens AG. SIMATIC WinCC is a monitoring and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is the control and monitoring of the operator\u0027s visual runtime platform machines and equipment. Multiple SIMATIC WinCC Products are prone to a denial-of-service vulnerability. \nThe following products are vulnerable:\nSIMATIC WinCC 7.3 versions prior to 7.3 Update 11\nSIMATIC WinCC 7.4 versions prior to 7.4 SP1\nSIMATIC WinCC Runtime Professional 13 versions prior to 13 SP2\nSIMATIC WinCC Runtime Professional 14 versions prior to 14 SP1\nSIMATIC WinCC (TIA Portal) Professional 13 versions prior to 13 SP2\nSIMATIC WinCC (TIA Portal) Professional 14 versions prior to 14 SP1. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. Security vulnerabilities exist in several Siemens products",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-6867"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004058"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06154"
      },
      {
        "db": "BID",
        "id": "98368"
      },
      {
        "db": "IVD",
        "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
      },
      {
        "db": "VULHUB",
        "id": "VHN-115070"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-6867",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-156872",
        "trust": 2.3
      },
      {
        "db": "BID",
        "id": "98368",
        "trust": 2.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-523365",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-630",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06154",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-306-01",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004058",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-129-03",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "81C5D14F-8537-4B60-AA16-B99AEC0C6E39",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-115070",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06154"
      },
      {
        "db": "VULHUB",
        "id": "VHN-115070"
      },
      {
        "db": "BID",
        "id": "98368"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004058"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-630"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6867"
      }
    ]
  },
  "id": "VAR-201705-3974",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06154"
      },
      {
        "db": "VULHUB",
        "id": "VHN-115070"
      }
    ],
    "trust": 1.576931954
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06154"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:07:25.708000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-156872",
        "trust": 0.8,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC and SIMATIC WinCC Runtime Professional Denial of Service Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/176383"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-06154"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004058"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-787",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-115070"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004058"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6867"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/98368"
      },
      {
        "trust": 1.1,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6867"
      },
      {
        "trust": 0.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-306-01"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-6867"
      },
      {
        "trust": 0.6,
        "url": "http://www.siemens.com/cert/en/cert-security-advisories.htm"
      },
      {
        "trust": 0.3,
        "url": "http://www.siemens.com/"
      },
      {
        "trust": 0.3,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-129-03"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-06154"
      },
      {
        "db": "VULHUB",
        "id": "VHN-115070"
      },
      {
        "db": "BID",
        "id": "98368"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004058"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-630"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6867"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06154"
      },
      {
        "db": "VULHUB",
        "id": "VHN-115070"
      },
      {
        "db": "BID",
        "id": "98368"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004058"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-630"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6867"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-05-09T00:00:00",
        "db": "IVD",
        "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
      },
      {
        "date": "2017-05-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-06154"
      },
      {
        "date": "2017-05-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-115070"
      },
      {
        "date": "2017-05-09T00:00:00",
        "db": "BID",
        "id": "98368"
      },
      {
        "date": "2017-06-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004058"
      },
      {
        "date": "2017-03-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201703-630"
      },
      {
        "date": "2017-05-11T10:29:00.260000",
        "db": "NVD",
        "id": "CVE-2017-6867"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-08-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-06154"
      },
      {
        "date": "2018-06-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-115070"
      },
      {
        "date": "2017-05-23T16:23:00",
        "db": "BID",
        "id": "98368"
      },
      {
        "date": "2018-06-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004058"
      },
      {
        "date": "2017-05-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201703-630"
      },
      {
        "date": "2024-11-21T03:30:41.697000",
        "db": "NVD",
        "id": "CVE-2017-6867"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-630"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens SIMATIC Vulnerability that can crash services in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004058"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation",
    "sources": [
      {
        "db": "IVD",
        "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-630"
      }
    ],
    "trust": 0.8
  }
}

var-201612-0420
Vulnerability from variot

A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions. Siemens SIMATIC WinCC and SIMATIC PCS 7 are industrial automation products from Siemens AG, Germany. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. A security bypass vulnerability exists in versions prior to SIMATIC WinCC 7.2 and in versions prior to SIMATIC PCS 7 8.0 SP1. An attacker could exploit this vulnerability to execute ActiveX components. Attackers can exploit this issue to obtain sensitive information or cause denial-of-service condition

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201612-0420",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.0 sp1"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "wincc",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs sp1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003c8.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic wincc sp3 upd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.08"
      },
      {
        "model": "simatic wincc sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc sp2 upd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.012"
      },
      {
        "model": "simatic wincc sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc sp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.03"
      },
      {
        "model": "simatic wincc sp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.02"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "6.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78"
      },
      {
        "model": "simatic pcs sp4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "77.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "77.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "77"
      },
      {
        "model": "simatic wincc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs sp1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-12696"
      },
      {
        "db": "BID",
        "id": "94825"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006500"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201612-334"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9160"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006500"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Mingzheng Li from Acorn Network Security Lab",
    "sources": [
      {
        "db": "BID",
        "id": "94825"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201612-334"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2016-9160",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2016-9160",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2016-12696",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-97980",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2016-9160",
            "impactScore": 5.2,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2016-9160",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2016-9160",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2016-12696",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201612-334",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-97980",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-12696"
      },
      {
        "db": "VULHUB",
        "id": "VHN-97980"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006500"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201612-334"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9160"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability in SIEMENS SIMATIC WinCC (All versions \u003c SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions \u003c SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions. Siemens SIMATIC WinCC and SIMATIC PCS 7 are industrial automation products from Siemens AG, Germany. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. A security bypass vulnerability exists in versions prior to SIMATIC WinCC 7.2 and in versions prior to SIMATIC PCS 7 8.0 SP1. An attacker could exploit this vulnerability to execute ActiveX components. \nAttackers can exploit this issue to obtain sensitive information or cause denial-of-service condition",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-9160"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006500"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-12696"
      },
      {
        "db": "BID",
        "id": "94825"
      },
      {
        "db": "IVD",
        "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8"
      },
      {
        "db": "VULHUB",
        "id": "VHN-97980"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-9160",
        "trust": 3.6
      },
      {
        "db": "BID",
        "id": "94825",
        "trust": 2.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-16-348-04",
        "trust": 2.2
      },
      {
        "db": "SIEMENS",
        "id": "SSA-693129",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1037435",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201612-334",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-12696",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006500",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "F04157CB-EDF5-490C-9E17-39C08EA58FA8",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-97980",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-12696"
      },
      {
        "db": "VULHUB",
        "id": "VHN-97980"
      },
      {
        "db": "BID",
        "id": "94825"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006500"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201612-334"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9160"
      }
    ]
  },
  "id": "VAR-201612-0420",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-12696"
      },
      {
        "db": "VULHUB",
        "id": "VHN-97980"
      }
    ],
    "trust": 1.5269656166666667
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-12696"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:56:20.483000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-693129",
        "trust": 0.8,
        "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf"
      },
      {
        "title": "Patch for security bypass bugs in SIMATIC WinCC and SIMATIC PCS 7 ActiveX controls",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/86164"
      },
      {
        "title": "SIMATIC WinCC  and SIMATIC PCS 7 Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66299"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-12696"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006500"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201612-334"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-254",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-111",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-97980"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006500"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9160"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.securityfocus.com/bid/94825"
      },
      {
        "trust": 2.2,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-348-04"
      },
      {
        "trust": 2.0,
        "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1037435"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9160"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-9160"
      },
      {
        "trust": 0.3,
        "url": "http://support.microsoft.com/kb/240797"
      },
      {
        "trust": 0.3,
        "url": "http://www.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-12696"
      },
      {
        "db": "VULHUB",
        "id": "VHN-97980"
      },
      {
        "db": "BID",
        "id": "94825"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006500"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201612-334"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9160"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-12696"
      },
      {
        "db": "VULHUB",
        "id": "VHN-97980"
      },
      {
        "db": "BID",
        "id": "94825"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006500"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201612-334"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-9160"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-12-21T00:00:00",
        "db": "IVD",
        "id": "f04157cb-edf5-490c-9e17-39c08ea58fa8"
      },
      {
        "date": "2016-12-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-12696"
      },
      {
        "date": "2016-12-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-97980"
      },
      {
        "date": "2016-12-09T00:00:00",
        "db": "BID",
        "id": "94825"
      },
      {
        "date": "2017-01-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-006500"
      },
      {
        "date": "2016-12-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201612-334"
      },
      {
        "date": "2016-12-17T03:59:00.263000",
        "db": "NVD",
        "id": "CVE-2016-9160"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-12-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-12696"
      },
      {
        "date": "2017-07-27T00:00:00",
        "db": "VULHUB",
        "id": "VHN-97980"
      },
      {
        "date": "2016-12-20T01:09:00",
        "db": "BID",
        "id": "94825"
      },
      {
        "date": "2017-01-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-006500"
      },
      {
        "date": "2016-12-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201612-334"
      },
      {
        "date": "2024-11-21T03:00:43.387000",
        "db": "NVD",
        "id": "CVE-2016-9160"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201612-334"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SIEMENS SIMATIC WinCC and  SIEMENS SIMATIC PCS 7 In  ActiveX Vulnerability that can crash components",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006500"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201612-334"
      }
    ],
    "trust": 0.6
  }
}

var-201611-0180
Vulnerability from variot

A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path ("C:\Program Files*" or the localized equivalent). plural Siemens The product has an installation %PROGRAMFILES% If not using a directory, it is not enclosed in quotes Windows There are vulnerabilities whose privileges are obtained by the search path. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) ,and CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. https://cwe.mitre.org/data/definitions/254.html https://cwe.mitre.org/data/definitions/284.htmlA local user may be able to gain privileges through the Trojan executable. Founded in 1847, Siemens AG of Germany focuses on the fields of electrification, automation and digitization. Siemens is a leader in offshore wind turbine construction, gas turbine and steam turbine power generation, transmission solutions, infrastructure solutions, industrial automation, drive and software solutions, and medical imaging equipment and laboratory diagnostics. There are privilege escalation vulnerabilities in many Siemens products. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201611-0180",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simit",
        "scope": "eq",
        "trust": 3.3,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "softnet security client",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "simatic wincc runtime",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinema remote connect",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic step 7 \\",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc \\",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic step 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.5"
      },
      {
        "model": "sinema server",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": "simatic winac rtx 2010",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "telecontrol basic",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "softnet security client",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "simatic winac rtx f 2010",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "primary setup tool",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic it production suite",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic net pc software",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "security configuration tool",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "78.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "78.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "78.2"
      },
      {
        "model": "security configuration tool",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic winac rtx f 2010",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "sp2"
      },
      {
        "model": "simatic it production suite",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.0 sp3"
      },
      {
        "model": "simatic winac rtx 2010",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "sp2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "professional"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.2 until"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.2 to  7.4"
      },
      {
        "model": "sinema remote connect client",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.0 sp3 upd 8"
      },
      {
        "model": "simatic step 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "5.x"
      },
      {
        "model": "primary setup tool",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic wincc tia portal",
        "version": "*"
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "75.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.3x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.4x"
      },
      {
        "model": "sinema server",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.2x"
      },
      {
        "model": "simatic wincc sp2 sp2 upd",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.0\u003c7.012"
      },
      {
        "model": "simatic wincc sp3 sp3 upd",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.0\u003c7.08"
      },
      {
        "model": "simatic net pc-software",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc runtime professional all",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003c14"
      },
      {
        "model": "simatic wincc basic",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc comfort",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc advanced",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc professional all",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinema remote connect client all",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic winac rtx sp2 all",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "simatic winac rtx f sp2 all",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "simatic it production suite all",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "telecontrol server basic sp2",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "softnet security client all",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v5.0"
      },
      {
        "model": "security configuration tool all",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "primary setup tool all",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "telecontrol basic",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "sinema server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": "telecontrol server basic",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "sinema server sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v12"
      },
      {
        "model": "sinema server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v12"
      },
      {
        "model": "sinema server sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12.0"
      },
      {
        "model": "sinema server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12.0-"
      },
      {
        "model": "sinema remote connect client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc comfort",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc basic",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.41"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.32"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.310"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.31"
      },
      {
        "model": "simatic wincc upd4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.29"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.28"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.21"
      },
      {
        "model": "simatic wincc upd4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc upd11",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic winac rtx f sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "simatic winac rtx sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "simatic step tia portal sp1 upd1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v13"
      },
      {
        "model": "simatic step tia portal sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v13"
      },
      {
        "model": "simatic step tia portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v13"
      },
      {
        "model": "simatic step tia portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v12"
      },
      {
        "model": "simatic step sp4 hf4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "75.5"
      },
      {
        "model": "simatic step sp4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "75.5"
      },
      {
        "model": "simatic step sp3 hf10",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "75.5"
      },
      {
        "model": "simatic step sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "75.5"
      },
      {
        "model": "simatic step sp2 hf7",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "75.5"
      },
      {
        "model": "simatic step sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "75.5"
      },
      {
        "model": "simatic step sp1 hf2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "75.5"
      },
      {
        "model": "simatic step sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "75.5"
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "75.5"
      },
      {
        "model": "simatic pcs sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "77.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "77"
      },
      {
        "model": "simatic net pc-software sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic net pc-software hf1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic net pc-software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic net pc-software sp2 hf3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "model": "simatic net pc-software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "model": "simatic it production suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "security configuration tool",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "primary setup tool",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "telecontrol server basic sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "sinema server sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc comfort",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc basic",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc advanced",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc sp3 upd",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.08"
      },
      {
        "model": "simatic wincc sp2 upd",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.012"
      },
      {
        "model": "simatic step tia portal",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v14"
      },
      {
        "model": "simatic net pc-software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "primary setup tool",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "security configuration tool",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic it production suite",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic net pc",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "8.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic step 7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic step 7 tia portal",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic winac rtx 2010",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic winac rtx f 2010",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.4"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc runtime",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simit",
        "version": "9.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinema remote connect",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinema server",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "softnet security client",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "telecontrol basic",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10732"
      },
      {
        "db": "BID",
        "id": "94158"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-301"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7165"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:primary_setup_tool",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:security_configuration_tool",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_it_production_suite",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_step_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_step_7_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_winac_rtx_2010",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_winac_rtx_f_2010",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simit",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:sinema_remote_connect",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:sinema_server",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:softnet_security_client",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:telecontrol_basic",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005899"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "WATERSURE and KIANDRA IT",
    "sources": [
      {
        "db": "BID",
        "id": "94158"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-7165",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.9,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "CVE-2016-7165",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "MULTIPLE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.9,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 1.2,
            "id": "CNVD-2016-10732",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:H/Au:M/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "MULTIPLE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.9,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 1.2,
            "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:L/AC:H/Au:M/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.9,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "VHN-95985",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 0.5,
            "id": "CVE-2016-7165",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2016-7165",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2016-7165",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2016-10732",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201611-301",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-95985",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10732"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95985"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-301"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7165"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in Primary Setup Tool (PST) (All versions \u003c V4.2 HF1), SIMATIC IT Production Suite (All versions \u003c V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions \u003c V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2), SIMATIC STEP 7 V5.X (All versions \u003c V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions \u003c V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions \u003c V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions \u003c V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions \u003c V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions \u003c V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions \u003c V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1), SIMIT V9.0 (All versions \u003c V9.0 SP1), SINEMA Remote Connect Client (All versions \u003c V1.0 SP3), SINEMA Server (All versions \u003c V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions \u003c V4.3 HF1), TeleControl Server Basic (All versions \u003c V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path (\"C:\\Program Files\\*\" or the localized equivalent). plural Siemens The product has an installation %PROGRAMFILES% If not using a directory, it is not enclosed in quotes Windows There are vulnerabilities whose privileges are obtained by the search path. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) ,and CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. https://cwe.mitre.org/data/definitions/254.html https://cwe.mitre.org/data/definitions/284.htmlA local user may be able to gain privileges through the Trojan executable. Founded in 1847, Siemens AG of Germany focuses on the fields of electrification, automation and digitization. Siemens is a leader in offshore wind turbine construction, gas turbine and steam turbine power generation, transmission solutions, infrastructure solutions, industrial automation, drive and software solutions, and medical imaging equipment and laboratory diagnostics. There are privilege escalation vulnerabilities in many Siemens products. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-7165"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005899"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10732"
      },
      {
        "db": "BID",
        "id": "94158"
      },
      {
        "db": "IVD",
        "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95985"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-7165",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-16-313-02",
        "trust": 2.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-701708",
        "trust": 1.7
      },
      {
        "db": "BID",
        "id": "94158",
        "trust": 1.4
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-301",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10732",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005899",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "B4D8EF0B-EEF6-4E09-9B80-86C9B1224D88",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-95985",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10732"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95985"
      },
      {
        "db": "BID",
        "id": "94158"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-301"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7165"
      }
    ]
  },
  "id": "VAR-201611-0180",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10732"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95985"
      }
    ],
    "trust": 1.6015931965384618
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10732"
      }
    ]
  },
  "last_update_date": "2024-11-23T23:05:34.362000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-701708",
        "trust": 0.8,
        "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-701708.pdf"
      },
      {
        "title": "Patch for a number of Siemens products with privilege escalation vulnerability (CNVD-2016-10732)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/83616"
      },
      {
        "title": "Multiple Siemens Product non-reference Windows Search path vulnerability fixes",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65670"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10732"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-301"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-254",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-284",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-95985"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005899"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7165"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.2,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-313-02"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/94158"
      },
      {
        "trust": 1.1,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7165"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7165"
      },
      {
        "trust": 0.6,
        "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-701708.pdf"
      },
      {
        "trust": 0.6,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-16-313-02"
      },
      {
        "trust": 0.3,
        "url": "http://subscriber.communications.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-10732"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95985"
      },
      {
        "db": "BID",
        "id": "94158"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-301"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7165"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-10732"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95985"
      },
      {
        "db": "BID",
        "id": "94158"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-301"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-7165"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-11-08T00:00:00",
        "db": "IVD",
        "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88"
      },
      {
        "date": "2016-11-08T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-10732"
      },
      {
        "date": "2016-11-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-95985"
      },
      {
        "date": "2016-11-08T00:00:00",
        "db": "BID",
        "id": "94158"
      },
      {
        "date": "2016-11-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-005899"
      },
      {
        "date": "2016-11-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201611-301"
      },
      {
        "date": "2016-11-15T19:30:02.797000",
        "db": "NVD",
        "id": "CVE-2016-7165"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-11-08T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-10732"
      },
      {
        "date": "2018-06-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-95985"
      },
      {
        "date": "2016-11-24T01:08:00",
        "db": "BID",
        "id": "94158"
      },
      {
        "date": "2016-12-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-005899"
      },
      {
        "date": "2019-10-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201611-301"
      },
      {
        "date": "2024-11-21T02:57:37.740000",
        "db": "NVD",
        "id": "CVE-2016-7165"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "94158"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-301"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens Vulnerability gained in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005899"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "IVD",
        "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-301"
      }
    ],
    "trust": 0.8
  }
}

var-202402-1390
Vulnerability from variot

A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain unorganized RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server. openpcs 7 , SIMATIC BATCH , SIMATIC PCS 7 For multiple Siemens products, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components. SIMATIC WinCC is a supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operator control and monitoring of machines and plants

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202402-1390",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc runtime professional",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "18"
      },
      {
        "model": "openpcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic route control",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "19"
      },
      {
        "model": "simatic batch",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic batch",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic route control",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "openpcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.4"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v9.1"
      },
      {
        "model": "openpcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "79.1"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic route control",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v18"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v19"
      },
      {
        "model": "simatic wincc sp2 update",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.515"
      },
      {
        "model": "simatic wincc sp4",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "8.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-09315"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-027390"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-48363"
      }
    ]
  },
  "cve": "CVE-2023-48363",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2024-09315",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "id": "CVE-2023-48363",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Adjacent Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 6.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2023-48363",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2023-48363",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2023-48363",
            "trust": 1.0,
            "value": "High"
          },
          {
            "author": "NVD",
            "id": "CVE-2023-48363",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2024-09315",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-09315"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-027390"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-48363"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-48363"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in OpenPCS 7 V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions \u003c V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions \u003c V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions \u003c V8.0 Update 4). The implementation of the RPC (Remote Procedure call) \r\ncommunication protocol in the affected products do not \r\nproperly handle certain unorganized RPC messages. An \r\nattacker could use this vulnerability to cause a denial of service \r\ncondition in the RPC server. openpcs 7 , SIMATIC BATCH , SIMATIC PCS 7 For multiple Siemens products, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components. SIMATIC WinCC is a supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operator control and monitoring of machines and plants",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-48363"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-027390"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-09315"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-48363"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2023-48363",
        "trust": 3.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-753746",
        "trust": 2.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-24-046-12",
        "trust": 0.9
      },
      {
        "db": "JVN",
        "id": "JVNVU91198149",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU94620134",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-027390",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-09315",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-48363",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-09315"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-48363"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-027390"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-48363"
      }
    ]
  },
  "id": "VAR-202402-1390",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-09315"
      }
    ],
    "trust": 1.295444247142857
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-09315"
      }
    ]
  },
  "last_update_date": "2024-10-24T21:07:58.957000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Null pointer dereference vulnerabilities in multiple Siemens products",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/526511"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-09315"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-476",
        "trust": 1.0
      },
      {
        "problemtype": "NULL Pointer dereference (CWE-476) [ others ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-027390"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-48363"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-753746.html"
      },
      {
        "trust": 0.9,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-12"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu91198149/"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu94620134/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-48363"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/476.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-09315"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-48363"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-027390"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-48363"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-09315"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-48363"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-027390"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-48363"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-02-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-09315"
      },
      {
        "date": "2024-02-13T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-48363"
      },
      {
        "date": "2024-10-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-027390"
      },
      {
        "date": "2024-02-13T09:15:45.763000",
        "db": "NVD",
        "id": "CVE-2023-48363"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-02-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-09315"
      },
      {
        "date": "2024-02-13T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-48363"
      },
      {
        "date": "2024-10-21T00:55:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-027390"
      },
      {
        "date": "2024-10-18T17:26:54.187000",
        "db": "NVD",
        "id": "CVE-2023-48363"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "in multiple Siemens products \u00a0NULL\u00a0 Pointer dereference vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-027390"
      }
    ],
    "trust": 0.8
  }
}

var-201905-0114
Vulnerability from variot

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known. plural SIMATIC The product contains cryptographic vulnerabilities.Information may be obtained. Multiple Siemens Products are prone to following security vulnerabilities: 1. An information-disclosure vulnerability 2. A cross-site-scripting vulnerability 3. A security vulnerability An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC, etc. are all products of Siemens (Siemens) in Germany. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Siemens SIMATIC HMI Comfort Panels is a touch panel device. Siemens SIMATIC HMI Comfort Outdoor Panels is a touch panel device specially designed for outdoor use

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201905-0114",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc \\",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi mp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi op",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi tp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15"
      },
      {
        "model": "simatic hmi ktp mobile panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic hmi classic devices",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc runtime professional update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15.11"
      },
      {
        "model": "simatic wincc runtime advanced update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.11"
      },
      {
        "model": "simatic wincc update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15.11"
      },
      {
        "model": "simatic hmi ktp mobile update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.11"
      },
      {
        "model": "simatic hmi comfort panels update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.11"
      },
      {
        "model": "simatic hmi comfort outdoor panels update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.11"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004633"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6576"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_outdoor_panels_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004633"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens ProductCERT reported these vulnerabilities to NCCIC.,Siemens ProductCERT",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-589"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-6576",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2019-6576",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-158011",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-6576",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-6576",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-6576",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201905-589",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-158011",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158011"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004633"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-589"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6576"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known. plural SIMATIC The product contains cryptographic vulnerabilities.Information may be obtained. Multiple Siemens Products are prone to following security vulnerabilities:\n1. An information-disclosure vulnerability\n2. A cross-site-scripting vulnerability\n3. A security vulnerability\nAn attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC, etc. are all products of Siemens (Siemens) in Germany. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Siemens SIMATIC HMI Comfort Panels is a touch panel device. Siemens SIMATIC HMI Comfort Outdoor Panels is a touch panel device specially designed for outdoor use",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-6576"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004633"
      },
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "VULHUB",
        "id": "VHN-158011"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-09",
        "trust": 2.8
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6576",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "108412",
        "trust": 2.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-804486",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004633",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-589",
        "trust": 0.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-02",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1716.2",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-54366",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-158011",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158011"
      },
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004633"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-589"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6576"
      }
    ]
  },
  "id": "VAR-201905-0114",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158011"
      }
    ],
    "trust": 0.7545892989999999
  },
  "last_update_date": "2024-11-23T21:37:16.690000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-804486",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
      },
      {
        "title": "Siemens SIMATIC Panels  and WinCC Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92739"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004633"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-589"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-310",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158011"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004633"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6576"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.securityfocus.com/bid/108412"
      },
      {
        "trust": 1.9,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-09"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6576"
      },
      {
        "trust": 0.9,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.9,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-09"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6576"
      },
      {
        "trust": 0.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29288"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/80946"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158011"
      },
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004633"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-589"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6576"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-158011"
      },
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004633"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-589"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6576"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-158011"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108412"
      },
      {
        "date": "2019-06-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004633"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-589"
      },
      {
        "date": "2019-05-14T20:29:04.560000",
        "db": "NVD",
        "id": "CVE-2019-6576"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-158011"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108412"
      },
      {
        "date": "2019-07-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004633"
      },
      {
        "date": "2019-06-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-589"
      },
      {
        "date": "2024-11-21T04:46:44.130000",
        "db": "NVD",
        "id": "CVE-2019-6576"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-589"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  SIMATIC Cryptographic vulnerabilities in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004633"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "encryption problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-589"
      }
    ],
    "trust": 0.6
  }
}

var-202404-0165
Vulnerability from variot

A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC04), SIMATIC WinCC Runtime Professional V17 (All versions), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 1), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 16), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5). The affected products do not properly validate the input provided in the login dialog box. An attacker could leverage this vulnerability to cause a persistent denial of service condition. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visualization runtime platform for operators to control and monitor machines and equipment

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202404-0165",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic pcs sp2 uc04",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v9.1\u003cv9.1"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v17"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v18"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v19"
      },
      {
        "model": "simatic wincc sp2 update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.5\u003cv7.516"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-17302"
      }
    ]
  },
  "cve": "CVE-2023-50821",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.9,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2024-17302",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "productcert@siemens.com",
            "availabilityImpact": "HIGH",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.5,
            "id": "CVE-2023-50821",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2023-50821",
            "trust": 1.0,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2024-17302",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-17302"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-50821"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP2 UC04), SIMATIC WinCC Runtime Professional V17 (All versions), SIMATIC WinCC Runtime Professional V18 (All versions \u003c V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions \u003c V19 Update 1), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 16), SIMATIC WinCC V8.0 (All versions \u003c V8.0 Update 5). The affected products do not properly validate the input provided in the login dialog box. An attacker could leverage this vulnerability to cause a persistent denial of service condition. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visualization runtime platform for operators to control and monitor machines and equipment",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-50821"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-17302"
      }
    ],
    "trust": 1.44
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "SIEMENS",
        "id": "SSA-730482",
        "trust": 1.6
      },
      {
        "db": "NVD",
        "id": "CVE-2023-50821",
        "trust": 1.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-17302",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-17302"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-50821"
      }
    ]
  },
  "id": "VAR-202404-0165",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-17302"
      }
    ],
    "trust": 1.3067591266666667
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-17302"
      }
    ]
  },
  "last_update_date": "2024-08-14T15:15:30.302000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Siemens SIMATIC WinCC Denial of Service Vulnerability (CNVD-2024-17302)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/540266"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-17302"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-120",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-50821"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-730482.html"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-17302"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-50821"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-17302"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-50821"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-04-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-17302"
      },
      {
        "date": "2024-04-09T09:15:21.270000",
        "db": "NVD",
        "id": "CVE-2023-50821"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-04-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-17302"
      },
      {
        "date": "2024-07-09T12:15:10.570000",
        "db": "NVD",
        "id": "CVE-2023-50821"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC Denial of Service Vulnerability (CNVD-2024-17302)",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-17302"
      }
    ],
    "trust": 0.6
  }
}

var-201303-0257
Vulnerability from variot

Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to cause a denial of service via a crafted packet. A buffer overflow vulnerability exists in CCEServer in versions of Siemens WinCC prior to 7.2 used in SIMATIC PCS7. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0257",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "6.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "6.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.0 sp1"
      },
      {
        "model": "wincc",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs sp1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003c8.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "08df6392-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02147"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001988"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-443"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0675"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001988"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies",
    "sources": [
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2013-0675",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CVE-2013-0675",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2013-02147",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2013-02175",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "08df6392-2353-11e6-abef-000c29c66e3d",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "VHN-60677",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-0675",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-0675",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-02147",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-02175",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201303-443",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "08df6392-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-60677",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "08df6392-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02147"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60677"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001988"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-443"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0675"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to cause a denial of service via a crafted packet. A buffer overflow vulnerability exists in CCEServer in versions of Siemens WinCC prior to 7.2 used in SIMATIC PCS7. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities\n2. A directory-traversal vulnerability\n3. Failed exploit attempts will result in a denial-of-service conditions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-0675"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001988"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02147"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "IVD",
        "id": "08df6392-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60677"
      }
    ],
    "trust": 3.24
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-0675",
        "trust": 3.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-13-079-02",
        "trust": 2.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-714398",
        "trust": 2.0
      },
      {
        "db": "BID",
        "id": "58545",
        "trust": 1.5
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-443",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02147",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001988",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "08DF6392-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-60677",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "120899",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "08df6392-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02147"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60677"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001988"
      },
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-443"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0675"
      }
    ]
  },
  "id": "VAR-201303-0257",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "08df6392-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02147"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60677"
      }
    ],
    "trust": 2.1048571666666667
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.4
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "08df6392-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02147"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:45:45.034000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/cc/en/"
      },
      {
        "title": "SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/answers/jp/ja/"
      },
      {
        "title": "Patch for Siemens WinCC CCEServer Buffer Overflow Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/33000"
      },
      {
        "title": "Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/33002"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-02147"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001988"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60677"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001988"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0675"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
      },
      {
        "trust": 2.0,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf"
      },
      {
        "trust": 1.4,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0675"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/bid/58545"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0675"
      },
      {
        "trust": 0.8,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0677"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0674"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0678"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0676"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0679"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0675"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-02147"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60677"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001988"
      },
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-443"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0675"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "08df6392-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02147"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60677"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001988"
      },
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-443"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0675"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-26T00:00:00",
        "db": "IVD",
        "id": "08df6392-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-03-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02147"
      },
      {
        "date": "2013-03-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "date": "2013-03-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60677"
      },
      {
        "date": "2013-03-15T00:00:00",
        "db": "BID",
        "id": "58545"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001988"
      },
      {
        "date": "2013-03-21T15:07:17",
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "date": "2013-03-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-443"
      },
      {
        "date": "2013-03-21T15:55:01.553000",
        "db": "NVD",
        "id": "CVE-2013-0675"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02147"
      },
      {
        "date": "2013-03-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60677"
      },
      {
        "date": "2013-04-02T15:37:00",
        "db": "BID",
        "id": "58545"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001988"
      },
      {
        "date": "2013-03-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-443"
      },
      {
        "date": "2024-11-21T01:47:59.333000",
        "db": "NVD",
        "id": "CVE-2013-0675"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens WinCC CCEServer Buffer Overflow Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "08df6392-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02147"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-443"
      }
    ],
    "trust": 1.4
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "08df6392-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-443"
      }
    ],
    "trust": 0.8
  }
}

var-201808-0744
Vulnerability from variot

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions < V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 6), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15 (All versions < V15 Update 2). Improper file permissions in the default installation of TIA Portal may allow an attacker with local file system access to manipulate resources which may be transferred to devices and executed there by a different user. No special privileges are required, but the victim needs to transfer the manipulated files to a device. Execution is caused on the target device rather than on the PG device. SIMATIC STEP 7 and WinCC (TIA Portal ) Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC STEP 7 (TIA Portal) is a set of programming software for SIMATIC controllers. The software provides PLC programming, design option packages and advanced drive technology. WinCC (TIA Portal) is an automated data acquisition and monitoring (SCADA) system. The system provides functions such as process monitoring and data acquisition. And resources that are executed by the user. Siemens SIMATIC STEP 7 and SIMATIC WinCC are prone to multiple insecure file-permissions vulnerabilities. A local attacker can exploit these issues by gaining access to a world-readable file and extracting sensitive information from it. Information obtained may aid in other attacks

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201808-0744",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic step 7 \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic step 7 \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "12.0"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "11.0"
      },
      {
        "model": "simatic step 7 \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "10.0"
      },
      {
        "model": "simatic step 7 \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "11.0"
      },
      {
        "model": "simatic step 7 \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "10.0"
      },
      {
        "model": "simatic step 7 \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "12.0"
      },
      {
        "model": "simatic step 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "710"
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "711"
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "712"
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "713"
      },
      {
        "model": "simatic step sp1 update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "714.*\u003c146"
      },
      {
        "model": "simatic step update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "715.*\u003c152"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "10"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "11"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "wincc sp1 update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "14.*\u003c146"
      },
      {
        "model": "wincc update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "15.*\u003c152"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "simatic step 7 tia portal",
        "version": "13.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v120"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v110"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v10"
      },
      {
        "model": "simatic step tia portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v14"
      },
      {
        "model": "simatic step tia portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v13"
      },
      {
        "model": "simatic step tia portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v12"
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v15"
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v11"
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v10"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic step 7 tia portal",
        "version": "10.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic step 7 tia portal",
        "version": "11.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic step 7 tia portal",
        "version": "12.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic step 7 tia portal",
        "version": "14.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic step 7 tia portal",
        "version": "15.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "10.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "11.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "12.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "13.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "14.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "15.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-19602"
      },
      {
        "db": "BID",
        "id": "105115"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009208"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-240"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-11454"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_step_7_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009208"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Younes Dragoni from Nozomi Networks.",
    "sources": [
      {
        "db": "BID",
        "id": "105115"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-11454",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.4,
            "id": "CVE-2018-11454",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2018-19602",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.4,
            "id": "VHN-121315",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2018-11454",
            "impactScore": 6.0,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "trust": 1.8,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-11454",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-11454",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-19602",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201808-240",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-121315",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-19602"
      },
      {
        "db": "VULHUB",
        "id": "VHN-121315"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009208"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-240"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-11454"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions \u003c V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Update 6), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15 (All versions \u003c V15 Update 2). Improper file permissions in the default installation of TIA Portal may allow an attacker with local file system access to manipulate resources which may be transferred to devices and executed there by a different user. No special privileges are required, but the victim needs to transfer the manipulated files to a device. Execution is caused on the target device rather than on the PG device. SIMATIC STEP 7 and WinCC (TIA Portal ) Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC STEP 7 (TIA Portal) is a set of programming software for SIMATIC controllers. The software provides PLC programming, design option packages and advanced drive technology. WinCC (TIA Portal) is an automated data acquisition and monitoring (SCADA) system. The system provides functions such as process monitoring and data acquisition. And resources that are executed by the user. Siemens SIMATIC STEP 7 and SIMATIC WinCC are prone to multiple insecure file-permissions vulnerabilities. \nA local attacker can exploit these issues by gaining access to a world-readable file and extracting sensitive information from it. Information obtained may aid in other attacks",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-11454"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009208"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-19602"
      },
      {
        "db": "BID",
        "id": "105115"
      },
      {
        "db": "IVD",
        "id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-121315"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-11454",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-979106",
        "trust": 2.3
      },
      {
        "db": "BID",
        "id": "105115",
        "trust": 2.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-226-01",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-240",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-19602",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009208",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "E2FC30C0-39AB-11E9-8AE0-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-121315",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-19602"
      },
      {
        "db": "VULHUB",
        "id": "VHN-121315"
      },
      {
        "db": "BID",
        "id": "105115"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009208"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-240"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-11454"
      }
    ]
  },
  "id": "VAR-201808-0744",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-19602"
      },
      {
        "db": "VULHUB",
        "id": "VHN-121315"
      }
    ],
    "trust": 1.6649055914285715
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-19602"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:30:18.527000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-979106",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-979106.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC STEP 7 and WinCC Rights Management Vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/140875"
      },
      {
        "title": "Siemens SIMATIC STEP 7  and WinCC Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=83959"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-19602"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009208"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-240"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-732",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-276",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-264",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-121315"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009208"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-11454"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-979106.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/105115"
      },
      {
        "trust": 1.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-226-01"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11454"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-11454"
      },
      {
        "trust": 0.3,
        "url": "http://www.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-19602"
      },
      {
        "db": "VULHUB",
        "id": "VHN-121315"
      },
      {
        "db": "BID",
        "id": "105115"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009208"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-240"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-11454"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-19602"
      },
      {
        "db": "VULHUB",
        "id": "VHN-121315"
      },
      {
        "db": "BID",
        "id": "105115"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009208"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-240"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-11454"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-09-21T00:00:00",
        "db": "IVD",
        "id": "e2fc30c0-39ab-11e9-8ae0-000c29342cb1"
      },
      {
        "date": "2018-09-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-19602"
      },
      {
        "date": "2018-08-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-121315"
      },
      {
        "date": "2018-08-14T00:00:00",
        "db": "BID",
        "id": "105115"
      },
      {
        "date": "2018-11-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-009208"
      },
      {
        "date": "2018-08-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201808-240"
      },
      {
        "date": "2018-08-07T15:29:00.373000",
        "db": "NVD",
        "id": "CVE-2018-11454"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-09-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-19602"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-121315"
      },
      {
        "date": "2018-08-14T00:00:00",
        "db": "BID",
        "id": "105115"
      },
      {
        "date": "2019-01-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-009208"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201808-240"
      },
      {
        "date": "2024-11-21T03:43:24.100000",
        "db": "NVD",
        "id": "CVE-2018-11454"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "105115"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-240"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SIMATIC STEP 7 and  WinCC Vulnerabilities related to authorization, permissions, and access control",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009208"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control issues",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-240"
      }
    ],
    "trust": 0.6
  }
}

var-201907-1455
Vulnerability from variot

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (All versions), SIMATIC WinCC Professional (TIA Portal V14) (All versions < V14 SP1 Upd 9), SIMATIC WinCC Professional (TIA Portal V15) (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). The SIMATIC WinCC DataMonitor web application of the affected products allows to upload arbitrary ASPX code. The security vulnerability could be exploited by an authenticated attacker with network access to the WinCC DataMonitor application. No user interaction is required to exploit this vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the affected device. At the stage of publishing this security advisory no public exploitation is known. plural SIMATIC The product contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The SIMATIC WinCC DataMonitor web is one of the data analysis and display components.

A security vulnerability exists in the SIMATIC WinCC DataMonitor web in several Siemens products. Siemens SIMATIC WinCC and SIMATIC PCS 7 are prone to an arbitrary file-upload vulnerability

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201907-1455",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic wincc runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic wincc runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic wincc runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7v8.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7v8.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7v9.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v7.3"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v14"
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003c=v8.0"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v15"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=v7.2"
      },
      {
        "model": "simatic wincc professional (tia portal",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v13)"
      },
      {
        "model": "simatic wincc professional (tia portal",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v14)"
      },
      {
        "model": "simatic wincc professional (tia portal",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v15)"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.5"
      },
      {
        "model": "simatic wincc runtime professional update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15.11"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime professional update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc runtime professional sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc runtime professional sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime professional sp1 upd2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime professional sp update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1319"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc professional sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc professional sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.41"
      },
      {
        "model": "simatic wincc sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.32"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.313"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.311"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.310"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.31"
      },
      {
        "model": "simatic wincc upd4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.29"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc sp3 upd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.08"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "6.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "79.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.0"
      },
      {
        "model": "simatic wincc update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.53"
      },
      {
        "model": "simatic wincc sp-1 upd-11",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic pcs sp-2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "79.0"
      },
      {
        "model": "simatic pcs sp-1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.2"
      },
      {
        "model": "simatic pcs siemens simatic wincc",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "siemens",
        "version": "7\u003c=v8.0\u003c=v7.2"
      },
      {
        "model": "simatic wincc siemens simatic wincc professional (tia portal siemens simatic wincc professional (tia portal siemens simatic w",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "siemens",
        "version": "v7.4v15)v14)"
      },
      {
        "model": "simatic wincc runtime professional siemens simatic wincc",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "siemens",
        "version": "v15v7.5"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "69364700-0a59-4c18-a969-e06b68873d4f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-22244"
      },
      {
        "db": "BID",
        "id": "109127"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-006590"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10935"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-006590"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Xuchen Zhu from ZheJiang Guoli Security Technology CNCERT/CC",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201907-609"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-10935",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2019-10935",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2019-22244",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "69364700-0a59-4c18-a969-e06b68873d4f",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "VHN-142531",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.2,
            "id": "CVE-2019-10935",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-10935",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-10935",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-22244",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201907-609",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "69364700-0a59-4c18-a969-e06b68873d4f",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142531",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2019-10935",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "69364700-0a59-4c18-a969-e06b68873d4f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-22244"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142531"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10935"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-006590"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201907-609"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10935"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions \u003c V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (All versions), SIMATIC WinCC Professional (TIA Portal V14) (All versions \u003c V14 SP1 Upd 9), SIMATIC WinCC Professional (TIA Portal V15) (All versions \u003c V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd 3). The SIMATIC WinCC DataMonitor web application of the affected products allows to upload arbitrary ASPX code. The security vulnerability could be exploited by an authenticated attacker with network access to the WinCC DataMonitor application. No user interaction is required to exploit this vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the affected device. At the stage of publishing this security advisory no public exploitation is known. plural SIMATIC The product contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The SIMATIC WinCC DataMonitor web is one of the data analysis and display components. \n\nA security vulnerability exists in the SIMATIC WinCC DataMonitor web in several Siemens products. Siemens SIMATIC WinCC and SIMATIC PCS 7 are prone to an arbitrary file-upload vulnerability",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10935"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-006590"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-22244"
      },
      {
        "db": "BID",
        "id": "109127"
      },
      {
        "db": "IVD",
        "id": "69364700-0a59-4c18-a969-e06b68873d4f"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142531"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10935"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-10935",
        "trust": 2.9
      },
      {
        "db": "SIEMENS",
        "id": "SSA-121293",
        "trust": 2.4
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-192-02",
        "trust": 1.7
      },
      {
        "db": "BID",
        "id": "109127",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-22244",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-006590",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201907-609",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.2574",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "69364700-0A59-4C18-A969-E06B68873D4F",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-142531",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10935",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "69364700-0a59-4c18-a969-e06b68873d4f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-22244"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142531"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10935"
      },
      {
        "db": "BID",
        "id": "109127"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-006590"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201907-609"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10935"
      }
    ]
  },
  "id": "VAR-201907-1455",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "69364700-0a59-4c18-a969-e06b68873d4f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-22244"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142531"
      }
    ],
    "trust": 1.616291167
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "69364700-0a59-4c18-a969-e06b68873d4f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-22244"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:59:49.073000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-121293",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf"
      },
      {
        "title": "Patch for Multiple Siemens product code upload vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/168509"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=9f83ea9c05726639cd4642c3972ec527"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-22244"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10935"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-006590"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-434",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142531"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-006590"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10935"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-192-02"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10935"
      },
      {
        "trust": 1.3,
        "url": "https://www.securityfocus.com/bid/109127"
      },
      {
        "trust": 0.9,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.9,
        "url": "https://new.siemens.com/global/en/products/services/cert.html#securitypublications"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10935"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.2574/"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/siemens-simatic-pcs7-wincc-file-upload-via-datamonitor-29733"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/434.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/163660"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-22244"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142531"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10935"
      },
      {
        "db": "BID",
        "id": "109127"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-006590"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201907-609"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10935"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "69364700-0a59-4c18-a969-e06b68873d4f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-22244"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142531"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10935"
      },
      {
        "db": "BID",
        "id": "109127"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-006590"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201907-609"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10935"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-07-12T00:00:00",
        "db": "IVD",
        "id": "69364700-0a59-4c18-a969-e06b68873d4f"
      },
      {
        "date": "2019-07-12T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-22244"
      },
      {
        "date": "2019-07-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142531"
      },
      {
        "date": "2019-07-11T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-10935"
      },
      {
        "date": "2019-07-09T00:00:00",
        "db": "BID",
        "id": "109127"
      },
      {
        "date": "2019-07-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-006590"
      },
      {
        "date": "2019-07-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201907-609"
      },
      {
        "date": "2019-07-11T22:15:11.797000",
        "db": "NVD",
        "id": "CVE-2019-10935"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-22244"
      },
      {
        "date": "2019-10-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142531"
      },
      {
        "date": "2019-10-10T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-10935"
      },
      {
        "date": "2019-07-09T00:00:00",
        "db": "BID",
        "id": "109127"
      },
      {
        "date": "2019-07-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-006590"
      },
      {
        "date": "2019-10-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201907-609"
      },
      {
        "date": "2024-11-21T04:20:11.120000",
        "db": "NVD",
        "id": "CVE-2019-10935"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201907-609"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  SIMATIC Product unrestricted upload vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-006590"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "code problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201907-609"
      }
    ],
    "trust": 0.6
  }
}

var-201804-1651
Vulnerability from variot

A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions < V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions < V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions < V8.2 Upd10), SIMATIC BATCH V9.0 (All versions < V9.0 SP1), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions < 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions < WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions < WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. plural Siemens SIMATIC The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. SIMATIC WinCC, SIMATIC PCS 7, SIMATIC BATCH, etc. are all industrial automation products from Siemens AG. Siemens OpenPCS, etc. Siemens OpenPCS is a process control system. SIMATIC BATCH is a set of software packages for batch automation. Input validation vulnerabilities exist in several Siemens products

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201804-1651",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic route control",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic route control",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic route control",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic route control",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "openpcs 7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "openpcs 7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "openpcs 7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "openpcs 7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "openpcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic net pc software",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "sppa-t3000 application server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "r8.2"
      },
      {
        "model": "simatic net pc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "sppa-t3000 application server",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "r8.2"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic net pc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic batch",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic net pc software",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic openpcs 7",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic openpcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic openpcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic openpcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic openpcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic route control",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic batch",
        "version": "8.1"
      },
      {
        "model": "simatic net pc-software",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.2"
      },
      {
        "model": "openpcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003c=v7.1"
      },
      {
        "model": "openpcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.0"
      },
      {
        "model": "openpcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.1"
      },
      {
        "model": "openpcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.2"
      },
      {
        "model": "openpcs upd1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003cv9.0"
      },
      {
        "model": "simatic batch",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=v7.1"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.0"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.1"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.2"
      },
      {
        "model": "simatic batch upd1",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v9.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003c=v7.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.1"
      },
      {
        "model": "simatic pcs upd1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003cv9.0"
      },
      {
        "model": "simatic route control",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=v7.1"
      },
      {
        "model": "simatic route control",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.0"
      },
      {
        "model": "simatic route control",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.1"
      },
      {
        "model": "simatic route control",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.2"
      },
      {
        "model": "simatic route control upd1",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v9.0"
      },
      {
        "model": "simatic wincc runtime professional sp1 upd5",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v14"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=7.2"
      },
      {
        "model": "simatic wincc upd16",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc sp1 upd4",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.4"
      },
      {
        "model": "openpcs 7",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "simatic batch",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "simatic wincc",
        "version": "7.4"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "openpcs 7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "openpcs 7",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "openpcs 7",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "openpcs 7",
        "version": "8.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "openpcs 7",
        "version": "9.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic batch",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic batch",
        "version": "8.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic batch",
        "version": "9.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic net pc",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "8.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "9.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic route control",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic route control",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic route control",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic route control",
        "version": "9.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc runtime professional",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc runtime professional",
        "version": "14"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.3"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-07037"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004994"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-407"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4832"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_batch",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_openpcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_route_control",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004994"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Gleb Gritsai",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-407"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2018-4832",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2018-4832",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2018-4832",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-07037",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-134863",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-4832",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2018-4832",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-4832",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-4832",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-07037",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201804-407",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-134863",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-07037"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134863"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004994"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-407"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4832"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions \u003c V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions \u003c V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions \u003c V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions \u003c V8.2 Upd10), SIMATIC BATCH V9.0 (All versions \u003c V9.0 SP1), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions \u003c 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions \u003c V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions \u003c WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions \u003c WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions \u003c Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. plural Siemens SIMATIC The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. SIMATIC WinCC, SIMATIC PCS 7, SIMATIC BATCH, etc. are all industrial automation products from Siemens AG. Siemens OpenPCS, etc. Siemens OpenPCS is a process control system. SIMATIC BATCH is a set of software packages for batch automation. Input validation vulnerabilities exist in several Siemens products",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-4832"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004994"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-07037"
      },
      {
        "db": "IVD",
        "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134863"
      }
    ],
    "trust": 2.43
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-4832",
        "trust": 3.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-348629",
        "trust": 2.3
      },
      {
        "db": "PACKETSTORM",
        "id": "155665",
        "trust": 1.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-451445",
        "trust": 1.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-088-03",
        "trust": 1.4
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-351-02",
        "trust": 1.4
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-07037",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-407",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004994",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.4705",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "E2EA2F61-39AB-11E9-9643-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-98989",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-134863",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-07037"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134863"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004994"
      },
      {
        "db": "PACKETSTORM",
        "id": "155665"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-407"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4832"
      }
    ]
  },
  "id": "VAR-201804-1651",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-07037"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134863"
      }
    ],
    "trust": 1.6839108491666668
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-07037"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:36:20.736000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-348629",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC Multiple Product Denial of Service Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/176379"
      },
      {
        "title": "Multiple Siemens Fixes for product input validation vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=83209"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-07037"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004994"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-407"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-134863"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004994"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4832"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf"
      },
      {
        "trust": 2.3,
        "url": "http://packetstormsecurity.com/files/155665/siemens-security-advisory-sppa-t3000-code-execution.html"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-088-03"
      },
      {
        "trust": 1.4,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-351-02"
      },
      {
        "trust": 0.9,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4832"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4832"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.4705/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18303"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18292"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18306"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18297"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18283"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18301"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18287"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18294"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18288"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18307"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18296"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18299"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18291"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18295"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18300"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18284"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18290"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18305"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18302"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18286"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18293"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18285"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18289"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18298"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18304"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-07037"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134863"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004994"
      },
      {
        "db": "PACKETSTORM",
        "id": "155665"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-407"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4832"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-07037"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134863"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004994"
      },
      {
        "db": "PACKETSTORM",
        "id": "155665"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-407"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4832"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-04-04T00:00:00",
        "db": "IVD",
        "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1"
      },
      {
        "date": "2018-04-04T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-07037"
      },
      {
        "date": "2018-04-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-134863"
      },
      {
        "date": "2018-07-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-004994"
      },
      {
        "date": "2019-12-13T15:10:44",
        "db": "PACKETSTORM",
        "id": "155665"
      },
      {
        "date": "2018-04-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201804-407"
      },
      {
        "date": "2018-04-24T17:29:00.227000",
        "db": "NVD",
        "id": "CVE-2018-4832"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-08-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-07037"
      },
      {
        "date": "2020-03-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-134863"
      },
      {
        "date": "2019-12-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-004994"
      },
      {
        "date": "2022-10-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201804-407"
      },
      {
        "date": "2024-11-21T04:07:32.557000",
        "db": "NVD",
        "id": "CVE-2018-4832"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-407"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens SIMATIC Vulnerability related to input validation in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004994"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation error",
    "sources": [
      {
        "db": "IVD",
        "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-407"
      }
    ],
    "trust": 0.8
  }
}

var-201303-0251
Vulnerability from variot

Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0251",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc tia portal",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "11.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc tia portal",
        "version": "11.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0933b320-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001982"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-437"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0668"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001982"
      }
    ]
  },
  "cve": "CVE-2013-0668",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2013-0668",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "0933b320-2353-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-60670",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-0668",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-0668",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201303-437",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "0933b320-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-60670",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0933b320-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60670"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001982"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-437"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0668"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-0668"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001982"
      },
      {
        "db": "IVD",
        "id": "0933b320-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60670"
      }
    ],
    "trust": 1.89
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-0668",
        "trust": 2.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-13-079-03",
        "trust": 2.5
      },
      {
        "db": "SIEMENS",
        "id": "SSA-212483",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-437",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001982",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "0933B320-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-60670",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0933b320-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60670"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001982"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-437"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0668"
      }
    ]
  },
  "id": "VAR-201303-0251",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "0933b320-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60670"
      }
    ],
    "trust": 0.9086316000000001
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0933b320-2353-11e6-abef-000c29c66e3d"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:08:32.446000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/cc/en/"
      },
      {
        "title": "SSA-212483: Vulnerabilities in WinCC (TIA Portal) V11",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/answers/jp/ja/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001982"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-79",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60670"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001982"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0668"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-03.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf"
      },
      {
        "trust": 1.6,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0668"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60670"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001982"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-437"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0668"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "0933b320-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60670"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001982"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-437"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0668"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-22T00:00:00",
        "db": "IVD",
        "id": "0933b320-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-03-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60670"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001982"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-437"
      },
      {
        "date": "2013-03-21T14:55:01.480000",
        "db": "NVD",
        "id": "CVE-2013-0668"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60670"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001982"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-437"
      },
      {
        "date": "2024-11-21T01:47:58.570000",
        "db": "NVD",
        "id": "CVE-2013-0668"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-437"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens WinCC HMI web Multiple Cross-Site Scripting Vulnerabilities",
    "sources": [
      {
        "db": "IVD",
        "id": "0933b320-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-437"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "XSS",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-437"
      }
    ],
    "trust": 0.6
  }
}

var-201202-0047
Vulnerability from variot

CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. plural Siemens Product HMI Web The server CRLF An injection vulnerability exists.By any third party HTTP Inserted header, and HTTP Response splitting attacks can be triggered. Siemens SIMATIC is an automation software in a single engineering environment. The HMI web server has a header injection vulnerability that allows elevation of privilege, stealing data or breaking services. Siemens SIMATIC WinCC is prone to an HTTP-header-injection issue, a directory-traversal issue, and an arbitrary memory-read access issue because the application fails to properly sanitize user-supplied input. A remote attacker can exploit these issues to gain elevated privileges, obtain sensitive information, or cause denial-of-service conditions

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201202-0047",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "mp"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "op"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "tp"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "comfort_panels"
      },
      {
        "model": "wincc runtime advanced",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "mobile_panels"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "wincc flexible runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "comfort panels"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "mobile panels"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11 sp2 update 1"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "2008 sp3"
      },
      {
        "model": "simatic wincc flexible rumtime",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc flexible",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi panels",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "v11"
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2004"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2005"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2007"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      },
      {
        "model": "comfort panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mobile panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "op",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "tp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc runtime advanced",
        "version": "v11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible runtime",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "289d30d2-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0462"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001314"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4512"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_hmi_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible_runtime",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001314"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "ICS-CERT",
    "sources": [
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-087"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2011-4512",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2011-4512",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "289d30d2-2354-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-52457",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2011-4512",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2011-4512",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201202-087",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "289d30d2-2354-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-52457",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "289d30d2-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52457"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001314"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4512"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. plural Siemens Product HMI Web The server CRLF An injection vulnerability exists.By any third party HTTP Inserted header, and HTTP Response splitting attacks can be triggered. Siemens SIMATIC is an automation software in a single engineering environment. The HMI web server has a header injection vulnerability that allows elevation of privilege, stealing data or breaking services. Siemens SIMATIC WinCC is prone to an HTTP-header-injection issue, a directory-traversal issue, and an arbitrary memory-read access issue because the application fails to properly sanitize user-supplied input. \nA remote attacker can exploit these issues to gain elevated privileges, obtain sensitive information, or cause denial-of-service conditions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-4512"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001314"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0462"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "IVD",
        "id": "289d30d2-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52457"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-4512",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01",
        "trust": 3.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-345442",
        "trust": 1.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0462",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-087",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001314",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "18633",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01A",
        "trust": 0.3
      },
      {
        "db": "BID",
        "id": "51836",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "289D30D2-2354-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-52457",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "289d30d2-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0462"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52457"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001314"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4512"
      }
    ]
  },
  "id": "VAR-201202-0047",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "289d30d2-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0462"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52457"
      }
    ],
    "trust": 1.5153960400000002
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "289d30d2-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0462"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:46:29.458000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-345442",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "title": "\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC HMI Header Injection Vulnerability (CNVD-2012-0462)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/9060"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-0462"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001314"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-94",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52457"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001314"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4512"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.4,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4512"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4512"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/18633"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/pages/default.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01a.pdf"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-0462"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52457"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001314"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4512"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "289d30d2-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0462"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52457"
      },
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001314"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4512"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-02-07T00:00:00",
        "db": "IVD",
        "id": "289d30d2-2354-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0462"
      },
      {
        "date": "2012-02-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52457"
      },
      {
        "date": "2012-02-02T00:00:00",
        "db": "BID",
        "id": "51836"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001314"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-087"
      },
      {
        "date": "2012-02-03T20:55:01.453000",
        "db": "NVD",
        "id": "CVE-2011-4512"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0462"
      },
      {
        "date": "2012-02-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52457"
      },
      {
        "date": "2012-04-18T21:20:00",
        "db": "BID",
        "id": "51836"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001314"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-087"
      },
      {
        "date": "2024-11-21T01:32:27.243000",
        "db": "NVD",
        "id": "CVE-2011-4512"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-087"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC HMI Web Server Multiple Input Validation Vulnerabilities",
    "sources": [
      {
        "db": "BID",
        "id": "51836"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-087"
      }
    ],
    "trust": 0.9
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Code injection",
    "sources": [
      {
        "db": "IVD",
        "id": "289d30d2-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-087"
      }
    ],
    "trust": 0.8
  }
}

var-201202-0044
Vulnerability from variot

The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime has an improperly selected default password for the administrator account, which makes it easier for remote attackers to obtain access via a brute-force approach involving many HTTP requests. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. The default management password exists for multiple Siemens SIMATIC products. The default account password for the WEB interface is \"Administrator: 100\", and the password \"100\" can also be used for the VNC service. If the user changes the password containing special characters, the system will put the password. Reset to \"100\". The following products are affected by this vulnerability: SIMATIC WinCC Flexible 2004 through 2008 SP2SIMATIC WinCC V11, V11 SP1, and V11 SP2 SIMATIC HMI TP, OP, MP, Mobile, and Comfort Series Panels Successful exploits allow an attacker to log in with user or administrator privileges Affect the system. An attacker can exploit these issues to bypass intended security restrictions and gain access to the affected application. Successfully exploiting these issues may lead to further attacks. The Siemens SIMATIC HMI product family is used as the human-machine interface between the corresponding PLC and the operator

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201202-0044",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "mp"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "op"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "tp"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "comfort_panels"
      },
      {
        "model": "wincc runtime advanced",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "mobile_panels"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "wincc flexible runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic wincc flexible sp1",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible sp2",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible sp1",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc sp2",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic wincc sp1",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "comfort panels"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "mobile panels"
      },
      {
        "model": "simatic wincc flexible rumtime",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2004"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2005"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2007"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2008"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "v11"
      },
      {
        "model": "comfort panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mobile panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "op",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "tp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc runtime advanced",
        "version": "v11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible runtime",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "2875d28a-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5449"
      },
      {
        "db": "BID",
        "id": "51177"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001311"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-423"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4509"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_hmi_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible_runtime",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001311"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Billy Rios and Terry McCorkle",
    "sources": [
      {
        "db": "BID",
        "id": "51177"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-423"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2011-4509",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2011-4509",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "2875d28a-2354-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-52454",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2011-4509",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2011-4509",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201112-423",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "2875d28a-2354-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-52454",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "2875d28a-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52454"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001311"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-423"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4509"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime has an improperly selected default password for the administrator account, which makes it easier for remote attackers to obtain access via a brute-force approach involving many HTTP requests. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. The default management password exists for multiple Siemens SIMATIC products. The default account password for the WEB interface is \\\"Administrator: 100\\\", and the password \\\"100\\\" can also be used for the VNC service. If the user changes the password containing special characters, the system will put the password. Reset to \\\"100\\\". The following products are affected by this vulnerability: SIMATIC WinCC Flexible 2004 through 2008 SP2SIMATIC WinCC V11, V11 SP1, and V11 SP2 SIMATIC HMI TP, OP, MP, Mobile, and Comfort Series Panels Successful exploits allow an attacker to log in with user or administrator privileges Affect the system. \nAn attacker can exploit these issues to bypass intended security   restrictions and gain access to the affected application.  Successfully   exploiting these issues may lead to further attacks. The Siemens SIMATIC HMI product family is used as the human-machine interface between the corresponding PLC and the operator",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-4509"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001311"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5449"
      },
      {
        "db": "BID",
        "id": "51177"
      },
      {
        "db": "IVD",
        "id": "2875d28a-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52454"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-4509",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01",
        "trust": 2.5
      },
      {
        "db": "SIEMENS",
        "id": "SSA-345442",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-423",
        "trust": 0.9
      },
      {
        "db": "BID",
        "id": "51177",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5449",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001311",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "18390",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-11-356-01",
        "trust": 0.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01A",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "2875D28A-2354-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-52454",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "2875d28a-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5449"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52454"
      },
      {
        "db": "BID",
        "id": "51177"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001311"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-423"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4509"
      }
    ]
  },
  "id": "VAR-201202-0044",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "2875d28a-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5449"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52454"
      }
    ],
    "trust": 1.575178075
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "2875d28a-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5449"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:46:29.700000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-345442",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "title": "\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for multiple Siemens SIMATIC Product Verification Bypass Vulnerabilities (CNVD-2011-5449)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/72709"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5449"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001311"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52454"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001311"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4509"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4509"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4509"
      },
      {
        "trust": 0.6,
        "url": "http://xs-sniper.com/blog/2011/12/20/the-siemens-simatic-remote-authentication-bypass-that-doesnt-exist/http"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/51177"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/18390"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/pages/default.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/user-interface/pages/default.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://xs-sniper.com/blog/2011/12/20/the-siemens-simatic-remote-authentication-bypass-that-doesnt-exist/"
      },
      {
        "trust": 0.3,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01a.pdf"
      },
      {
        "trust": 0.3,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-356-01.pdf"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5449"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52454"
      },
      {
        "db": "BID",
        "id": "51177"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001311"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-423"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4509"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "2875d28a-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5449"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52454"
      },
      {
        "db": "BID",
        "id": "51177"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001311"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-423"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4509"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-12-26T00:00:00",
        "db": "IVD",
        "id": "2875d28a-2354-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2011-12-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5449"
      },
      {
        "date": "2012-02-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52454"
      },
      {
        "date": "2011-12-22T00:00:00",
        "db": "BID",
        "id": "51177"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001311"
      },
      {
        "date": "1900-01-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201112-423"
      },
      {
        "date": "2012-02-03T20:55:01.297000",
        "db": "NVD",
        "id": "CVE-2011-4509"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-03-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5449"
      },
      {
        "date": "2012-02-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52454"
      },
      {
        "date": "2012-04-18T21:20:00",
        "db": "BID",
        "id": "51177"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001311"
      },
      {
        "date": "2011-12-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201112-423"
      },
      {
        "date": "2024-11-21T01:32:26.890000",
        "db": "NVD",
        "id": "CVE-2011-4509"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-423"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens Product  HMI Web Vulnerability to gain access rights on the server",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001311"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-423"
      }
    ],
    "trust": 0.6
  }
}

var-201411-0459
Vulnerability from variot

The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC WinCC, SIMATIC PCS 7 and TIA Portal (Botu) are all industrial automation products of German Siemens (Siemens). SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC; TIA Portal is a software platform that can quickly develop and debug automation systems. WinCC server is an option for it, which can operate multiple operating systems and monitoring stations in the network connected to the automation system. There are security vulnerabilities in the WinCC server of several Siemens products

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201411-0459",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": null,
        "scope": "eq",
        "trust": 3.2,
        "vendor": "simatic wincc",
        "version": "7.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 1.6,
        "vendor": "simatic wincc",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic tiaportal",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 1.2,
        "vendor": "simatic tiaportal",
        "version": "13.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "simatic pcs7",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "simatic pcs7",
        "version": "8.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.3 update 2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.2 update 9"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.1 to  7.1 sp4"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.0 to  8.0 sp2"
      },
      {
        "model": "totally integrated automation portal",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.0 to  7.0 sp3"
      },
      {
        "model": "totally integrated automation portal",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "13 update 6"
      },
      {
        "model": "wincc 7.0-sp3",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "wincc (\u003cupdate",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.29)"
      },
      {
        "model": "wincc (\u003cupdate",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.32)"
      },
      {
        "model": "simatic pcs 7.1-sp4",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7"
      },
      {
        "model": "simatic pcs 8.0-sp2",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "78.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "simatic pcs7",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "simatic pcs 7",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "simatic wincc",
        "version": "7.3"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b4b94e28-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "5c884bc4-e541-45c1-9c37-0147460766ff"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08593"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005644"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-500"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-8551"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_tiaportal",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005644"
      }
    ]
  },
  "cve": "CVE-2014-8551",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-8551",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-08593",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "b4b94e28-2351-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "5c884bc4-e541-45c1-9c37-0147460766ff",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-76496",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-8551",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-8551",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-08593",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201411-500",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "b4b94e28-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "5c884bc4-e541-45c1-9c37-0147460766ff",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-76496",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2014-8551",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b4b94e28-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "5c884bc4-e541-45c1-9c37-0147460766ff"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08593"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76496"
      },
      {
        "db": "VULMON",
        "id": "CVE-2014-8551"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005644"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-500"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-8551"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC WinCC, SIMATIC PCS 7 and TIA Portal (Botu) are all industrial automation products of German Siemens (Siemens). SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC; TIA Portal is a software platform that can quickly develop and debug automation systems. WinCC server is an option for it, which can operate multiple operating systems and monitoring stations in the network connected to the automation system. There are security vulnerabilities in the WinCC server of several Siemens products",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-8551"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005644"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08593"
      },
      {
        "db": "IVD",
        "id": "b4b94e28-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "5c884bc4-e541-45c1-9c37-0147460766ff"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76496"
      },
      {
        "db": "VULMON",
        "id": "CVE-2014-8551"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-8551",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-134508",
        "trust": 2.4
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-500",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08593",
        "trust": 1.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-329-02",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005644",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "60068",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "B4B94E28-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "5C884BC4-E541-45C1-9C37-0147460766FF",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-76496",
        "trust": 0.1
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-329-02D",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2014-8551",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b4b94e28-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "5c884bc4-e541-45c1-9c37-0147460766ff"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08593"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76496"
      },
      {
        "db": "VULMON",
        "id": "CVE-2014-8551"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005644"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-500"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-8551"
      }
    ]
  },
  "id": "VAR-201411-0459",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "b4b94e28-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "5c884bc4-e541-45c1-9c37-0147460766ff"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08593"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76496"
      }
    ],
    "trust": 1.7048571666666668
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b4b94e28-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "5c884bc4-e541-45c1-9c37-0147460766ff"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08593"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:01:59.863000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-134508",
        "trust": 0.8,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC/PCS 7 arbitrary code execution vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/52284"
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/siemens-patches-wincc-vulnerabilities-likely-being-exploited/109631/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-08593"
      },
      {
        "db": "VULMON",
        "id": "CVE-2014-8551"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005644"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-94",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-76496"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005644"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-8551"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf"
      },
      {
        "trust": 1.4,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8551"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8551"
      },
      {
        "trust": 0.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-329-02"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/60068"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/94.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://threatpost.com/siemens-patches-wincc-vulnerabilities-likely-being-exploited/109631/"
      },
      {
        "trust": 0.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-329-02d"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-08593"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76496"
      },
      {
        "db": "VULMON",
        "id": "CVE-2014-8551"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005644"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-500"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-8551"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "b4b94e28-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "5c884bc4-e541-45c1-9c37-0147460766ff"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08593"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76496"
      },
      {
        "db": "VULMON",
        "id": "CVE-2014-8551"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005644"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-500"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-8551"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-12-01T00:00:00",
        "db": "IVD",
        "id": "b4b94e28-2351-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2014-12-01T00:00:00",
        "db": "IVD",
        "id": "5c884bc4-e541-45c1-9c37-0147460766ff"
      },
      {
        "date": "2014-12-01T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-08593"
      },
      {
        "date": "2014-11-26T00:00:00",
        "db": "VULHUB",
        "id": "VHN-76496"
      },
      {
        "date": "2014-11-26T00:00:00",
        "db": "VULMON",
        "id": "CVE-2014-8551"
      },
      {
        "date": "2014-11-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-005644"
      },
      {
        "date": "2014-11-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201411-500"
      },
      {
        "date": "2014-11-26T11:59:00.093000",
        "db": "NVD",
        "id": "CVE-2014-8551"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-12-01T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-08593"
      },
      {
        "date": "2014-11-26T00:00:00",
        "db": "VULHUB",
        "id": "VHN-76496"
      },
      {
        "date": "2014-11-26T00:00:00",
        "db": "VULMON",
        "id": "CVE-2014-8551"
      },
      {
        "date": "2014-11-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-005644"
      },
      {
        "date": "2014-11-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201411-500"
      },
      {
        "date": "2024-11-21T02:19:19.247000",
        "db": "NVD",
        "id": "CVE-2014-8551"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-500"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC/PCS 7 Arbitrary code execution vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "b4b94e28-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "5c884bc4-e541-45c1-9c37-0147460766ff"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08593"
      }
    ],
    "trust": 1.0
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Code injection",
    "sources": [
      {
        "db": "IVD",
        "id": "b4b94e28-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "5c884bc4-e541-45c1-9c37-0147460766ff"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-500"
      }
    ],
    "trust": 1.0
  }
}

var-202202-0368
Vulnerability from variot

A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The password hash of a local user account in the remote server could be granted via public API to a user on the affected system. An authenticated attacker could brute force the password hash and use it to login to the server. SIMATIC PCS 7 and SIMATIC WinCC Is vulnerable to improper restrictions on excessive authentication attempts.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are the products of Germany's Siemens (Siemens). SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and supervisory control (SCADA) system

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202202-0368",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "17"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0.1"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v9.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003c=v8.2"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=v15"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=v7.4"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v9.1"
      },
      {
        "model": "simatic wincc sp2 update",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.56"
      },
      {
        "model": "simatic wincc update",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v165"
      },
      {
        "model": "simatic wincc update",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v172"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-10001"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005070"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40360"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported these vulnerabilities to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202202-593"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-40360",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2021-40360",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "id": "CNVD-2022-10001",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "VHN-401717",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2021-40360",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2021-40360",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-40360",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-40360",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2022-10001",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202202-593",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-401717",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-10001"
      },
      {
        "db": "VULHUB",
        "id": "VHN-401717"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005070"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202202-593"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40360"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions \u003c V15 SP1 Update 7), SIMATIC WinCC V16 (All versions \u003c V16 Update 5), SIMATIC WinCC V17 (All versions \u003c V17 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 6). The password hash of a local user account in the remote server could be granted via public API to a user on the affected system. An authenticated attacker could brute force the password hash and use it to login to the server. SIMATIC PCS 7 and SIMATIC WinCC Is vulnerable to improper restrictions on excessive authentication attempts.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are the products of Germany\u0027s Siemens (Siemens). SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and supervisory control (SCADA) system",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-40360"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005070"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-10001"
      },
      {
        "db": "VULHUB",
        "id": "VHN-401717"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-40360",
        "trust": 3.9
      },
      {
        "db": "SIEMENS",
        "id": "SSA-914168",
        "trust": 2.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-041-02",
        "trust": 1.4
      },
      {
        "db": "JVN",
        "id": "JVNVU98748974",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005070",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-10001",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.0606",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022021107",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202202-593",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-401717",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-10001"
      },
      {
        "db": "VULHUB",
        "id": "VHN-401717"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005070"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202202-593"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40360"
      }
    ]
  },
  "id": "VAR-202202-0368",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-10001"
      },
      {
        "db": "VULHUB",
        "id": "VHN-401717"
      }
    ],
    "trust": 1.3986949499999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-10001"
      }
    ]
  },
  "last_update_date": "2024-11-23T20:59:36.366000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-914168",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC PCS 7 and SIMATIC WinCC Information Disclosure Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/318456"
      },
      {
        "title": "Siemens SIMATIC WinCC Repair measures for information disclosure vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=182415"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-10001"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005070"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202202-593"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-522",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-200",
        "trust": 1.0
      },
      {
        "problemtype": "Inappropriate limitation of excessive authentication attempts (CWE-307) [NVD evaluation ]",
        "trust": 0.8
      },
      {
        "problemtype": "CWE-307",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-401717"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005070"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40360"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40360"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu98748974/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-02"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-user-access-via-credentials-brute-force-37483"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.0606"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022021107"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-041-02"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-10001"
      },
      {
        "db": "VULHUB",
        "id": "VHN-401717"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005070"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202202-593"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40360"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-10001"
      },
      {
        "db": "VULHUB",
        "id": "VHN-401717"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005070"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202202-593"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40360"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-02-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2022-10001"
      },
      {
        "date": "2022-02-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-401717"
      },
      {
        "date": "2023-05-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-005070"
      },
      {
        "date": "2022-02-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202202-593"
      },
      {
        "date": "2022-02-09T16:15:13.813000",
        "db": "NVD",
        "id": "CVE-2021-40360"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-02-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2022-10001"
      },
      {
        "date": "2022-10-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-401717"
      },
      {
        "date": "2023-05-16T08:50:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-005070"
      },
      {
        "date": "2023-07-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202202-593"
      },
      {
        "date": "2024-11-21T06:23:57.097000",
        "db": "NVD",
        "id": "CVE-2021-40360"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202202-593"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SIMATIC\u00a0PCS\u00a07\u00a0 and \u00a0SIMATIC\u00a0WinCC\u00a0 Vulnerability in improperly limiting excessive authentication attempts in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005070"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202202-593"
      }
    ],
    "trust": 0.6
  }
}

var-201308-0266
Vulnerability from variot

Cross-site request forgery (CSRF) vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to hijack the authentication of unspecified victims by leveraging improper configuration of SIMATIC HMI panels by the WinCC product. Based on the Windows platform, Siemens SIMATIC WinCC provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to multi-user systems supporting redundant servers and remote web client solutions. Siemens SIMATIC WinCC TIA Portal is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. Siemens SIMATIC WinCC TIA Portal prior to 12SP1 are vulnerable. The software enables fast and intuitive development and commissioning of automation systems. A remote attacker can exploit this vulnerability to hijack user authentication through incorrectly configured SIMATIC HMI panels of WinCC products

Show details on source website


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "11.0"
      },
      {
        "_id": null,
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "12.0"
      },
      {
        "_id": null,
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "11"
      },
      {
        "_id": null,
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "_id": null,
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "12 sp1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc",
        "version": "11.0"
      },
      {
        "_id": null,
        "model": "simatic wincc tia portal",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "12.x"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "12.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ce456e70-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-11280"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003626"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-681"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4911"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003626"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Timur Yunusov and Sergey Bobrov from Positive Technologies",
    "sources": [
      {
        "db": "BID",
        "id": "61536"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-681"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2013-4911",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2013-4911",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2013-11280",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "ce456e70-2352-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-64913",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-4911",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-4911",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-11280",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201307-681",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "ce456e70-2352-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-64913",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ce456e70-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-11280"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64913"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003626"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-681"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4911"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "Cross-site request forgery (CSRF) vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to hijack the authentication of unspecified victims by leveraging improper configuration of SIMATIC HMI panels by the WinCC product. Based on the Windows platform, Siemens SIMATIC WinCC provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to multi-user systems supporting redundant servers and remote web client solutions. Siemens SIMATIC WinCC TIA Portal is prone to a cross-site request-forgery vulnerability. \nExploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. \nSiemens SIMATIC WinCC TIA Portal prior to 12SP1 are vulnerable. The software enables fast and intuitive development and commissioning of automation systems. A remote attacker can exploit this vulnerability to hijack user authentication through incorrectly configured SIMATIC HMI panels of WinCC products",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-4911"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003626"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-11280"
      },
      {
        "db": "BID",
        "id": "61536"
      },
      {
        "db": "IVD",
        "id": "ce456e70-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64913"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-4911",
        "trust": 3.7
      },
      {
        "db": "BID",
        "id": "61536",
        "trust": 2.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-064884",
        "trust": 2.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-13-213-02",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "54051",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "54252",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-681",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-11280",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003626",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "CE456E70-2352-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "122647",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-64913",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ce456e70-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-11280"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64913"
      },
      {
        "db": "BID",
        "id": "61536"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003626"
      },
      {
        "db": "PACKETSTORM",
        "id": "122647"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-681"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4911"
      }
    ]
  },
  "id": "VAR-201308-0266",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "ce456e70-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-11280"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64913"
      }
    ],
    "trust": 1.4915183
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ce456e70-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-11280"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:35:19.897000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "SSA-064884",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-064884.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC TIA Portal cross-site request forgery vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/37986"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-11280"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003626"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-352",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-64913"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003626"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4911"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-064884.pdf"
      },
      {
        "trust": 1.9,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-13-213-02"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/61536"
      },
      {
        "trust": 1.1,
        "url": "http://scadastrangelove.blogspot.com/2013/08/ssa-064884-wincctia-portal-fixes.html"
      },
      {
        "trust": 1.1,
        "url": "http://secunia.com/advisories/54051"
      },
      {
        "trust": 1.1,
        "url": "http://secunia.com/advisories/54252"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86099"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4911"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4911"
      },
      {
        "trust": 0.6,
        "url": "http://www.secunia.com/advisories/54051/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-4911"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-4912"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-11280"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64913"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003626"
      },
      {
        "db": "PACKETSTORM",
        "id": "122647"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-681"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4911"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "ce456e70-2352-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-11280",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-64913",
        "ident": null
      },
      {
        "db": "BID",
        "id": "61536",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003626",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "122647",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-681",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4911",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2013-08-05T00:00:00",
        "db": "IVD",
        "id": "ce456e70-2352-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2013-08-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-11280",
        "ident": null
      },
      {
        "date": "2013-08-01T00:00:00",
        "db": "VULHUB",
        "id": "VHN-64913",
        "ident": null
      },
      {
        "date": "2013-07-31T00:00:00",
        "db": "BID",
        "id": "61536",
        "ident": null
      },
      {
        "date": "2013-08-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-003626",
        "ident": null
      },
      {
        "date": "2013-08-02T03:07:16",
        "db": "PACKETSTORM",
        "id": "122647",
        "ident": null
      },
      {
        "date": "2013-07-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201307-681",
        "ident": null
      },
      {
        "date": "2013-08-01T13:32:26.113000",
        "db": "NVD",
        "id": "CVE-2013-4911",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2013-08-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-11280",
        "ident": null
      },
      {
        "date": "2017-08-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-64913",
        "ident": null
      },
      {
        "date": "2013-08-01T17:55:00",
        "db": "BID",
        "id": "61536",
        "ident": null
      },
      {
        "date": "2013-08-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-003626",
        "ident": null
      },
      {
        "date": "2013-08-06T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201307-681",
        "ident": null
      },
      {
        "date": "2024-11-21T01:56:40.223000",
        "db": "NVD",
        "id": "CVE-2013-4911",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-681"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Siemens SIMATIC WinCC TIA Portal Cross-Site Request Forgery Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "ce456e70-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-11280"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-681"
      }
    ],
    "trust": 1.4
  },
  "type": {
    "_id": null,
    "data": "cross-site request forgery",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-681"
      }
    ],
    "trust": 0.6
  }
}

var-201202-0043
Vulnerability from variot

The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime generates predictable authentication tokens for cookies, which makes it easier for remote attackers to bypass authentication via a crafted cookie. plural Siemens Product HMI Web The server Cookie There is a vulnerability that prevents authentication because it generates a predictable authentication token.Skillfully crafted by a third party Cookie Authentication may be bypassed. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. Multiple Siemens SIMATIC products have security vulnerabilities, and the insecure generation of authentication tokens (session COOKIE guesses) allows an attacker to bypass authentication checks and increase privileges without a username and password. An attacker can exploit these issues to bypass intended security restrictions and gain access to the affected application. Successfully exploiting these issues may lead to further attacks. The Siemens SIMATIC HMI product family is used as the human-machine interface between the corresponding PLC and the operator

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201202-0043",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "mp"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "op"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "tp"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "comfort_panels"
      },
      {
        "model": "wincc runtime advanced",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "mobile_panels"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "wincc flexible runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible sp1",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible sp2",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible sp1",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc sp2",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic wincc sp1",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "comfort panels"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "mobile panels"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11 sp2 update 1"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "2008 sp3"
      },
      {
        "model": "simatic wincc flexible rumtime",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc flexible",
        "version": "2008"
      },
      {
        "model": "wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "v11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2004"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2005"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2007"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      },
      {
        "model": "comfort panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mobile panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "op",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "tp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc runtime advanced",
        "version": "v11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible runtime",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28828750-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5448"
      },
      {
        "db": "BID",
        "id": "51177"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001310"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-422"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4508"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_hmi_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible_runtime",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001310"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Billy Rios and Terry McCorkle",
    "sources": [
      {
        "db": "BID",
        "id": "51177"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-422"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2011-4508",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2011-4508",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.0,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2011-4508",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "28828750-2354-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-52453",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2011-4508",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2011-4508",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201112-422",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "28828750-2354-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-52453",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28828750-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52453"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001310"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-422"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4508"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime generates predictable authentication tokens for cookies, which makes it easier for remote attackers to bypass authentication via a crafted cookie. plural Siemens Product HMI Web The server Cookie There is a vulnerability that prevents authentication because it generates a predictable authentication token.Skillfully crafted by a third party Cookie Authentication may be bypassed. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. Multiple Siemens SIMATIC products have security vulnerabilities, and the insecure generation of authentication tokens (session COOKIE guesses) allows an attacker to bypass authentication checks and increase privileges without a username and password. \nAn attacker can exploit these issues to bypass intended security   restrictions and gain access to the affected application.  Successfully   exploiting these issues may lead to further attacks. The Siemens SIMATIC HMI product family is used as the human-machine interface between the corresponding PLC and the operator",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-4508"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001310"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5448"
      },
      {
        "db": "BID",
        "id": "51177"
      },
      {
        "db": "IVD",
        "id": "28828750-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52453"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-4508",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01",
        "trust": 2.5
      },
      {
        "db": "SIEMENS",
        "id": "SSA-345442",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-422",
        "trust": 0.9
      },
      {
        "db": "BID",
        "id": "51177",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5448",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001310",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "18390",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-11-356-01",
        "trust": 0.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01A",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "28828750-2354-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-52453",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28828750-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5448"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52453"
      },
      {
        "db": "BID",
        "id": "51177"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001310"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-422"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4508"
      }
    ]
  },
  "id": "VAR-201202-0043",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "28828750-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5448"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52453"
      }
    ],
    "trust": 1.575178075
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28828750-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5448"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:46:29.776000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-345442",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "title": "\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for multiple Siemens SIMATIC Product Verification Bypass Vulnerabilities (CNVD-2011-5448)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/72707"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5448"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001310"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-287",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52453"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001310"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4508"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4508"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4508"
      },
      {
        "trust": 0.6,
        "url": "http://xs-sniper.com/blog/2011/12/20/the-siemens-simatic-remote-authentication-bypass-that-doesnt-exist/http"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/51177"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/18390"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/pages/default.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/user-interface/pages/default.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://xs-sniper.com/blog/2011/12/20/the-siemens-simatic-remote-authentication-bypass-that-doesnt-exist/"
      },
      {
        "trust": 0.3,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01a.pdf"
      },
      {
        "trust": 0.3,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-356-01.pdf"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5448"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52453"
      },
      {
        "db": "BID",
        "id": "51177"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001310"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-422"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4508"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "28828750-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5448"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52453"
      },
      {
        "db": "BID",
        "id": "51177"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001310"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-422"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4508"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-12-26T00:00:00",
        "db": "IVD",
        "id": "28828750-2354-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2011-12-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5448"
      },
      {
        "date": "2012-02-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52453"
      },
      {
        "date": "2011-12-22T00:00:00",
        "db": "BID",
        "id": "51177"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001310"
      },
      {
        "date": "1900-01-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201112-422"
      },
      {
        "date": "2012-02-03T20:55:01.250000",
        "db": "NVD",
        "id": "CVE-2011-4508"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-03-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5448"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52453"
      },
      {
        "date": "2012-04-18T21:20:00",
        "db": "BID",
        "id": "51177"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001310"
      },
      {
        "date": "2012-01-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201112-422"
      },
      {
        "date": "2024-11-21T01:32:26.773000",
        "db": "NVD",
        "id": "CVE-2011-4508"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-422"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens Product  HMI Web Vulnerability that prevents authentication on the server",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001310"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201112-422"
      }
    ],
    "trust": 0.6
  }
}

var-201206-0115
Vulnerability from variot

Open redirect vulnerability in an unspecified web application in Siemens WinCC 7.0 SP3 before Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a GET request. WinCC flexible is a human-machine interface for use in some machine or process applications. Siemens SIMATIC WinCC Flexible does not filter out specially crafted characters when parsing URL parameters, and there is a security hole in implementation. An attacker could exploit a vulnerability to redirect a user to a malicious site. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible.

The vulnerability is caused due to an input sanitisation error within the DiagAgent web server and can be exploited to cause a buffer overflow and crash the DiagAgent.

Successful exploitation requires the DiagAgent web server to be enabled (disabled by default). ----------------------------------------------------------------------

Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch


TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA49341

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49341/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49341

RELEASE DATE: 2012-06-07

DISCUSS ADVISORY: http://secunia.com/advisories/49341/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/49341/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=49341

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: A weakness and some vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious users to disclose potentially sensitive information and system information and manipulate certain data and by malicious people to conduct spoofing and cross-site scripting attacks.

1) Certain input passed via URL parameters to two unspecified web applications is not properly sanitised before being used to construct a XPath query for XML data. This can be exploited to manipulate XPath queries by injecting arbitrary XPath code and e.g. read or write certain system settings.

2) Certain input passed via a filename to two unspecified web applications is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences.

3) Certain input passed to two unspecified web applications is not properly sanitised before being returned to the user.

4) Certain input is not properly verified before being used to redirect users. when a user clicks a specially crafted link to the affected script hosted on a trusted domain.

The weakness and the vulnerabilities are reported in version 7.0 SP3.

SOLUTION: Apply "Update 2" (please see the vendor's advisory for details).

PROVIDED AND/OR DISCOVERED BY: 1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, and Andrey Medov, Positive Technologies. 4) Reported by the vendor.

ORIGINAL ADVISORY: Siemens: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf

ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201206-0115",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "wincc sp3",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "update 2"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.0 sp3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "7.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4a98de6-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3215"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002662"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-088"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3003"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002662"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, Andrey Medov and Siemens",
    "sources": [
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-088"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2012-3003",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2012-3003",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "c4a98de6-2353-11e6-abef-000c29c66e3d",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-56284",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2012-3003",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2012-3003",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201206-088",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "c4a98de6-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-56284",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4a98de6-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56284"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002662"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-088"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3003"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Open redirect vulnerability in an unspecified web application in Siemens WinCC 7.0 SP3 before Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a GET request. WinCC flexible is a human-machine interface for use in some machine or process applications. Siemens SIMATIC WinCC Flexible does not filter out specially crafted characters when parsing URL parameters, and there is a security hole in implementation. An attacker could exploit a vulnerability to redirect a user to a malicious site. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible. \n\nThe vulnerability is caused due to an input sanitisation error within\nthe DiagAgent web server and can be exploited to cause a buffer\noverflow and crash the DiagAgent. \n\nSuccessful exploitation requires the DiagAgent web server to be\nenabled (disabled by default). ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49341\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49341/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nRELEASE DATE:\n2012-06-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49341/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49341/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA weakness and some vulnerabilities have been reported in Siemens\nSIMATIC WinCC, which can be exploited by malicious users to disclose\npotentially sensitive information and system information and\nmanipulate certain data and by malicious people to conduct spoofing\nand cross-site scripting attacks. \n\n1) Certain input passed via URL parameters to two unspecified web\napplications is not properly sanitised before being used to construct\na XPath query for XML data. This can be exploited to manipulate XPath\nqueries by injecting arbitrary XPath code and e.g. read or write\ncertain system settings. \n\n2) Certain input passed via a filename to two unspecified web\napplications is not properly verified before being used to display\nfiles. This can be exploited to disclose the contents of arbitrary\nfiles via directory traversal sequences. \n\n3) Certain input passed to two unspecified web applications is not\nproperly sanitised before being returned to the user. \n\n4) Certain input is not properly verified before being used to\nredirect users. when a user clicks a specially crafted link to\nthe affected script hosted on a trusted domain. \n\nThe weakness and the vulnerabilities are reported in version 7.0 SP3. \n\nSOLUTION:\nApply \"Update 2\" (please see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\n1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey\nScherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis\nBaranov, and Andrey Medov, Positive Technologies. \n4) Reported by the vendor. \n\nORIGINAL ADVISORY:\nSiemens:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf\n\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-3003"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002662"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3215"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "IVD",
        "id": "c4a98de6-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56284"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      }
    ],
    "trust": 2.88
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-3003",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-158-01",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-223158",
        "trust": 1.9
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-088",
        "trust": 0.9
      },
      {
        "db": "BID",
        "id": "53837",
        "trust": 0.9
      },
      {
        "db": "SECUNIA",
        "id": "49341",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3215",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002662",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "19751",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "49359",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "C4A98DE6-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-56284",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "113374",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "113371",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4a98de6-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3215"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56284"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002662"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-088"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3003"
      }
    ]
  },
  "id": "VAR-201206-0115",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "c4a98de6-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3215"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56284"
      }
    ],
    "trust": 1.6009954333333334
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4a98de6-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3215"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:02:40.709000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-223158: Multiple Vulnerabilities in WinCC 7.0 SP3",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens WinCC Vulnerability (CNVD-2012-3215)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/18135"
      },
      {
        "title": "Update 2 for WinCC V7.0 SP3 und WinCC V7.0 SP3 ASIA",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43310"
      },
      {
        "title": "Update 2 for WinCC V7.0 SP3 und WinCC V7.0 SP3 ASIA",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43309"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3215"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002662"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-088"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-56284"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002662"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3003"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.6,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-158-01.pdf"
      },
      {
        "trust": 1.9,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3003"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3003"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/49341"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/53837"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/19751"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/pages/default.aspx"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/psi_30_beta_launch"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49359/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49359/#comments"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49359"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49341/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49341/#comments"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3215"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56284"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002662"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-088"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3003"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "c4a98de6-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3215"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56284"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002662"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-088"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3003"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-06-19T00:00:00",
        "db": "IVD",
        "id": "c4a98de6-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-06-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-3215"
      },
      {
        "date": "2012-06-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-56284"
      },
      {
        "date": "2012-06-06T00:00:00",
        "db": "BID",
        "id": "53837"
      },
      {
        "date": "2012-06-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-002662"
      },
      {
        "date": "2012-06-08T07:05:53",
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "date": "2012-06-08T07:05:43",
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "date": "2012-06-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201206-088"
      },
      {
        "date": "2012-06-08T18:55:02.347000",
        "db": "NVD",
        "id": "CVE-2012-3003"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-06-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-3215"
      },
      {
        "date": "2012-06-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-56284"
      },
      {
        "date": "2012-06-06T00:00:00",
        "db": "BID",
        "id": "53837"
      },
      {
        "date": "2012-06-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-002662"
      },
      {
        "date": "2012-06-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201206-088"
      },
      {
        "date": "2024-11-21T01:40:06.187000",
        "db": "NVD",
        "id": "CVE-2012-3003"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-088"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens WinCC of  Web Application open redirect vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002662"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation",
    "sources": [
      {
        "db": "IVD",
        "id": "c4a98de6-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-088"
      }
    ],
    "trust": 0.8
  }
}

var-201812-0344
Vulnerability from variot

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V15 Update 4), SIMATIC WinCC Runtime Professional (All versions < V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions < V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The webserver of affected HMI devices may allow URL redirections to untrusted websites. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an open redirect vulnerability.Information may be obtained and information may be altered. Siemens SIMATIC HMI Comfort Panels are all Germany's Siemens (Siemens) company HMI software for control and monitoring of machines and equipment.

The webserver in several Siemens products has an open redirection vulnerability. Siemens SIMATIC Panels is prone to following security vulnerabilities: 1. An open-redirection vulnerability 2. A directory-traversal vulnerability Remote attackers may use a specially crafted request with directory-traversal sequences ('../') to retrieve arbitrary files from the affected system in the context of the application or by constructing a crafted URI and enticing a user to follow it and when an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201812-0344",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc runtime",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic hmi mp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi op",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic wincc \\",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic hmi tp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi classic devices",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\" \u0026 15\" update",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": "simatic hmi comfort panels 4\"-22\" update",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": "simatic hmi ktp mobile panels update",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": "simatic wincc update",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": "simatic wincc runtime advanced update",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": "simatic wincc runtime professional update",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "simatic wincc runtime",
        "version": "*"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc runtime professional sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc runtime professional sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime professional sp1 upd2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime professional sp update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1319"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc runtime advanced sp1 upd2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime advanced sp1 upd5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v135"
      },
      {
        "model": "simatic wincc sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v12"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v120"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v110"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v136"
      },
      {
        "model": "simatic wincc sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v10"
      },
      {
        "model": "simatic hmi ktp mobile panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "22"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic hmi comfort panels sp1 upd2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic hmi comfort panels sp1 upd5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi classic devices",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc runtime professional update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": "simatic wincc runtime advanced update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": "simatic wincc update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": "simatic hmi ktp mobile panels update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": "simatic hmi comfort panels update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": "simatic hmi comfort outdoor panels update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi comfort panels",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi mp",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi op",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi comfort outdoor panels",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi ktp mobile panels ktp400f",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi ktp mobile panels ktp700",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi ktp mobile panels ktp700f",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi ktp mobile panels ktp900",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi ktp mobile panels ktp900f",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi tp",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e30112c1-39ab-11e9-9eae-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-24247"
      },
      {
        "db": "BID",
        "id": "105922"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014526"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13813"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_outdoor_panels_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014526"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Hosni Tounsi from Carthage Red Team",
    "sources": [
      {
        "db": "BID",
        "id": "105922"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-13813",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2018-13813",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-24247",
            "impactScore": 6.9,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "e30112c1-39ab-11e9-9eae-000c29342cb1",
            "impactScore": 6.9,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-123910",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2018-13813",
            "impactScore": 5.2,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-13813",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-13813",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-24247",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201811-483",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e30112c1-39ab-11e9-9eae-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-123910",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e30112c1-39ab-11e9-9eae-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-24247"
      },
      {
        "db": "VULHUB",
        "id": "VHN-123910"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014526"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-483"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13813"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Professional (All versions \u003c V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions \u003c V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The webserver of affected HMI devices may allow URL redirections to untrusted websites. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an open redirect vulnerability.Information may be obtained and information may be altered. Siemens SIMATIC HMI Comfort Panels are all Germany\u0027s Siemens (Siemens) company HMI software for control and monitoring of machines and equipment. \n\nThe webserver in several Siemens products has an open redirection vulnerability. Siemens SIMATIC Panels is prone to following security vulnerabilities:\n1. An open-redirection vulnerability\n2. A directory-traversal vulnerability\nRemote attackers may use a specially crafted request with  directory-traversal sequences (\u0027../\u0027) to retrieve arbitrary files from  the affected system in the context of the application or by constructing a crafted URI and enticing a user to follow it and when an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-13813"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014526"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-24247"
      },
      {
        "db": "BID",
        "id": "105922"
      },
      {
        "db": "IVD",
        "id": "e30112c1-39ab-11e9-9eae-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-123910"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-13813",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-233109",
        "trust": 2.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-317-08",
        "trust": 2.3
      },
      {
        "db": "BID",
        "id": "105922",
        "trust": 2.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-483",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-24247",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014526",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "E30112C1-39AB-11E9-9EAE-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-123910",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e30112c1-39ab-11e9-9eae-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-24247"
      },
      {
        "db": "VULHUB",
        "id": "VHN-123910"
      },
      {
        "db": "BID",
        "id": "105922"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014526"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-483"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13813"
      }
    ]
  },
  "id": "VAR-201812-0344",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e30112c1-39ab-11e9-9eae-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-24247"
      },
      {
        "db": "VULHUB",
        "id": "VHN-123910"
      }
    ],
    "trust": 1.59438617
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e30112c1-39ab-11e9-9eae-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-24247"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:17:14.847000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-233109",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf"
      },
      {
        "title": "Patch for Multiple Siemens products open redirection vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/176377"
      },
      {
        "title": "Multiple Siemens Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86884"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-24247"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014526"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-483"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-601",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-123910"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014526"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13813"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf"
      },
      {
        "trust": 2.3,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-317-08"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/105922"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13813"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-13813"
      },
      {
        "trust": 0.3,
        "url": "http://subscriber.communications.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-24247"
      },
      {
        "db": "VULHUB",
        "id": "VHN-123910"
      },
      {
        "db": "BID",
        "id": "105922"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014526"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-483"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13813"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e30112c1-39ab-11e9-9eae-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-24247"
      },
      {
        "db": "VULHUB",
        "id": "VHN-123910"
      },
      {
        "db": "BID",
        "id": "105922"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014526"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-483"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13813"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-11-29T00:00:00",
        "db": "IVD",
        "id": "e30112c1-39ab-11e9-9eae-000c29342cb1"
      },
      {
        "date": "2018-11-29T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-24247"
      },
      {
        "date": "2018-12-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-123910"
      },
      {
        "date": "2018-11-14T00:00:00",
        "db": "BID",
        "id": "105922"
      },
      {
        "date": "2019-03-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-014526"
      },
      {
        "date": "2018-11-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201811-483"
      },
      {
        "date": "2018-12-13T16:29:00.320000",
        "db": "NVD",
        "id": "CVE-2018-13813"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-08-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-24247"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-123910"
      },
      {
        "date": "2018-11-14T00:00:00",
        "db": "BID",
        "id": "105922"
      },
      {
        "date": "2019-03-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-014526"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201811-483"
      },
      {
        "date": "2024-11-21T03:48:07.380000",
        "db": "NVD",
        "id": "CVE-2018-13813"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-483"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  SIMATIC Open redirect vulnerability in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014526"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation error",
    "sources": [
      {
        "db": "IVD",
        "id": "e30112c1-39ab-11e9-9eae-000c29342cb1"
      },
      {
        "db": "BID",
        "id": "105922"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-483"
      }
    ],
    "trust": 1.1
  }
}

var-201308-0267
Vulnerability from variot

Open redirect vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks by leveraging improper configuration of SIMATIC HMI panels by the WinCC product. Based on the Windows platform, Siemens SIMATIC WinCC provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to multi-user systems supporting redundant servers and remote web client solutions. Siemens SIMATIC WinCC TIA Portal is prone to a remote URL-redirection vulnerability. An attacker can leverage this issue by constructing a URI that includes a malicious site redirection. When an unsuspecting victim follows the URI, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Siemens SIMATIC WinCC TIA Portal prior to 12SP1 are vulnerable. The software enables fast and intuitive development and commissioning of automation systems

Show details on source website


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "11.0"
      },
      {
        "_id": null,
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "12.0"
      },
      {
        "_id": null,
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "11"
      },
      {
        "_id": null,
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "_id": null,
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "12 sp1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc",
        "version": "11.0"
      },
      {
        "_id": null,
        "model": "simatic wincc tia portal",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "12.x"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "12.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ce6aff78-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-11281"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003627"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-680"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4912"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003627"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Timur Yunusov and Sergey Bobrov from Positive Technologies",
    "sources": [
      {
        "db": "BID",
        "id": "61535"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-680"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2013-4912",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2013-4912",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2013-11281",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "ce6aff78-2352-11e6-abef-000c29c66e3d",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-64914",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-4912",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-4912",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-11281",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201307-680",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "ce6aff78-2352-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-64914",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ce6aff78-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-11281"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64914"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003627"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-680"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4912"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "Open redirect vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks by leveraging improper configuration of SIMATIC HMI panels by the WinCC product. Based on the Windows platform, Siemens SIMATIC WinCC provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to multi-user systems supporting redundant servers and remote web client solutions. Siemens SIMATIC WinCC TIA Portal is prone to a remote URL-redirection vulnerability. \nAn attacker can leverage this issue by constructing a URI that includes a malicious site redirection. When an unsuspecting victim follows the URI, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. \nSiemens SIMATIC WinCC TIA Portal prior to 12SP1 are vulnerable. The software enables fast and intuitive development and commissioning of automation systems",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-4912"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003627"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-11281"
      },
      {
        "db": "BID",
        "id": "61535"
      },
      {
        "db": "IVD",
        "id": "ce6aff78-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64914"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-4912",
        "trust": 3.7
      },
      {
        "db": "BID",
        "id": "61535",
        "trust": 2.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-064884",
        "trust": 2.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-13-213-02",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "54051",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "54252",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-680",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-11281",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003627",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "CE6AFF78-2352-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-64914",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "122647",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ce6aff78-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-11281"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64914"
      },
      {
        "db": "BID",
        "id": "61535"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003627"
      },
      {
        "db": "PACKETSTORM",
        "id": "122647"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-680"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4912"
      }
    ]
  },
  "id": "VAR-201308-0267",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "ce6aff78-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-11281"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64914"
      }
    ],
    "trust": 1.4915183
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ce6aff78-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-11281"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:35:19.942000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "SSA-064884",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-064884.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC TIA Portal URL Redirection Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/37987"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-11281"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003627"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-64914"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003627"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4912"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-064884.pdf"
      },
      {
        "trust": 1.9,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-13-213-02"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/61535"
      },
      {
        "trust": 1.1,
        "url": "http://scadastrangelove.blogspot.com/2013/08/ssa-064884-wincctia-portal-fixes.html"
      },
      {
        "trust": 1.1,
        "url": "http://secunia.com/advisories/54051"
      },
      {
        "trust": 1.1,
        "url": "http://secunia.com/advisories/54252"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86100"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4912"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4912"
      },
      {
        "trust": 0.6,
        "url": "http://www.secunia.com/advisories/54051/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-4911"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-4912"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-11281"
      },
      {
        "db": "VULHUB",
        "id": "VHN-64914"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003627"
      },
      {
        "db": "PACKETSTORM",
        "id": "122647"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-680"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4912"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "ce6aff78-2352-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-11281",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-64914",
        "ident": null
      },
      {
        "db": "BID",
        "id": "61535",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-003627",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "122647",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-680",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2013-4912",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2013-08-05T00:00:00",
        "db": "IVD",
        "id": "ce6aff78-2352-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2013-08-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-11281",
        "ident": null
      },
      {
        "date": "2013-08-01T00:00:00",
        "db": "VULHUB",
        "id": "VHN-64914",
        "ident": null
      },
      {
        "date": "2013-07-31T00:00:00",
        "db": "BID",
        "id": "61535",
        "ident": null
      },
      {
        "date": "2013-08-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-003627",
        "ident": null
      },
      {
        "date": "2013-08-02T03:07:16",
        "db": "PACKETSTORM",
        "id": "122647",
        "ident": null
      },
      {
        "date": "2013-07-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201307-680",
        "ident": null
      },
      {
        "date": "2013-08-01T13:32:26.127000",
        "db": "NVD",
        "id": "CVE-2013-4912",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2013-08-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-11281",
        "ident": null
      },
      {
        "date": "2017-08-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-64914",
        "ident": null
      },
      {
        "date": "2013-08-01T17:55:00",
        "db": "BID",
        "id": "61535",
        "ident": null
      },
      {
        "date": "2013-08-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-003627",
        "ident": null
      },
      {
        "date": "2013-08-06T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201307-680",
        "ident": null
      },
      {
        "date": "2024-11-21T01:56:40.377000",
        "db": "NVD",
        "id": "CVE-2013-4912",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-680"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Siemens SIMATIC WinCC TIA Portal URL Redirection Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "ce6aff78-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-11281"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "Input validation",
    "sources": [
      {
        "db": "IVD",
        "id": "ce6aff78-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201307-680"
      }
    ],
    "trust": 0.8
  }
}

var-201206-0073
Vulnerability from variot

Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 before Update 2 allow remote authenticated users to read arbitrary files via a crafted parameter in a URL. WinCC flexible is a human-machine interface for use in some machine or process applications. An attacker can exploit the vulnerability to read arbitrary files. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible.

The vulnerability is caused due to an input sanitisation error within the DiagAgent web server and can be exploited to cause a buffer overflow and crash the DiagAgent.

Successful exploitation requires the DiagAgent web server to be enabled (disabled by default). ----------------------------------------------------------------------

Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch


TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA49341

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49341/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49341

RELEASE DATE: 2012-06-07

DISCUSS ADVISORY: http://secunia.com/advisories/49341/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/49341/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=49341

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: A weakness and some vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious users to disclose potentially sensitive information and system information and manipulate certain data and by malicious people to conduct spoofing and cross-site scripting attacks.

1) Certain input passed via URL parameters to two unspecified web applications is not properly sanitised before being used to construct a XPath query for XML data. This can be exploited to manipulate XPath queries by injecting arbitrary XPath code and e.g. read or write certain system settings.

2) Certain input passed via a filename to two unspecified web applications is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences.

3) Certain input passed to two unspecified web applications is not properly sanitised before being returned to the user.

4) Certain input is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain.

The weakness and the vulnerabilities are reported in version 7.0 SP3.

SOLUTION: Apply "Update 2" (please see the vendor's advisory for details).

PROVIDED AND/OR DISCOVERED BY: 1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, and Andrey Medov, Positive Technologies. 4) Reported by the vendor.

ORIGINAL ADVISORY: Siemens: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf

ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201206-0073",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "wincc sp3",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "update 2"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.0 sp3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "7.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3213"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002660"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-086"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2597"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002660"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, Andrey Medov and Siemens",
    "sources": [
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-086"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2012-2597",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2012-2597",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "c4c1d040-2353-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "VHN-55878",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2012-2597",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2012-2597",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201206-086",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "c4c1d040-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-55878",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55878"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002660"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-086"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2597"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 before Update 2 allow remote authenticated users to read arbitrary files via a crafted parameter in a URL. WinCC flexible is a human-machine interface for use in some machine or process applications. An attacker can exploit the vulnerability to read arbitrary files. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible. \n\nThe vulnerability is caused due to an input sanitisation error within\nthe DiagAgent web server and can be exploited to cause a buffer\noverflow and crash the DiagAgent. \n\nSuccessful exploitation requires the DiagAgent web server to be\nenabled (disabled by default). ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49341\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49341/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nRELEASE DATE:\n2012-06-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49341/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49341/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA weakness and some vulnerabilities have been reported in Siemens\nSIMATIC WinCC, which can be exploited by malicious users to disclose\npotentially sensitive information and system information and\nmanipulate certain data and by malicious people to conduct spoofing\nand cross-site scripting attacks. \n\n1) Certain input passed via URL parameters to two unspecified web\napplications is not properly sanitised before being used to construct\na XPath query for XML data. This can be exploited to manipulate XPath\nqueries by injecting arbitrary XPath code and e.g. read or write\ncertain system settings. \n\n2) Certain input passed via a filename to two unspecified web\napplications is not properly verified before being used to display\nfiles. This can be exploited to disclose the contents of arbitrary\nfiles via directory traversal sequences. \n\n3) Certain input passed to two unspecified web applications is not\nproperly sanitised before being returned to the user. \n\n4) Certain input is not properly verified before being used to\nredirect users. This can be exploited to redirect a user to an\narbitrary website e.g. when a user clicks a specially crafted link to\nthe affected script hosted on a trusted domain. \n\nThe weakness and the vulnerabilities are reported in version 7.0 SP3. \n\nSOLUTION:\nApply \"Update 2\" (please see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\n1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey\nScherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis\nBaranov, and Andrey Medov, Positive Technologies. \n4) Reported by the vendor. \n\nORIGINAL ADVISORY:\nSiemens:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf\n\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-2597"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002660"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3213"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "IVD",
        "id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55878"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      }
    ],
    "trust": 2.88
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-2597",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-158-01",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-223158",
        "trust": 1.9
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-086",
        "trust": 0.9
      },
      {
        "db": "BID",
        "id": "53837",
        "trust": 0.9
      },
      {
        "db": "SECUNIA",
        "id": "49341",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3213",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002660",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "19751",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "49359",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "C4C1D040-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-55878",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "113374",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "113371",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3213"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55878"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002660"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-086"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2597"
      }
    ]
  },
  "id": "VAR-201206-0073",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3213"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55878"
      }
    ],
    "trust": 1.6009954333333334
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3213"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:02:40.758000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-223158: Multiple Vulnerabilities in WinCC 7.0 SP3",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for the Siemens WinCC Directory Traversal Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/18133"
      },
      {
        "title": "Update 2 for WinCC V7.0 SP3 und WinCC V7.0 SP3 ASIA",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43310"
      },
      {
        "title": "Update 2 for WinCC V7.0 SP3 und WinCC V7.0 SP3 ASIA",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43309"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3213"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002660"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-086"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-55878"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002660"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2597"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.6,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-158-01.pdf"
      },
      {
        "trust": 1.9,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2597"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2597"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/49341"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/53837"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/19751"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/pages/default.aspx"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/psi_30_beta_launch"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49359/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49359/#comments"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49359"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49341/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49341/#comments"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3213"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55878"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002660"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-086"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2597"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3213"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55878"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002660"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-086"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2597"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-06-19T00:00:00",
        "db": "IVD",
        "id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-06-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-3213"
      },
      {
        "date": "2012-06-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-55878"
      },
      {
        "date": "2012-06-06T00:00:00",
        "db": "BID",
        "id": "53837"
      },
      {
        "date": "2012-06-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-002660"
      },
      {
        "date": "2012-06-08T07:05:53",
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "date": "2012-06-08T07:05:43",
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "date": "2012-06-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201206-086"
      },
      {
        "date": "2012-06-08T18:55:02.267000",
        "db": "NVD",
        "id": "CVE-2012-2597"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-06-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-3213"
      },
      {
        "date": "2012-06-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-55878"
      },
      {
        "date": "2012-06-06T00:00:00",
        "db": "BID",
        "id": "53837"
      },
      {
        "date": "2012-06-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-002660"
      },
      {
        "date": "2012-06-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201206-086"
      },
      {
        "date": "2024-11-21T01:39:17.203000",
        "db": "NVD",
        "id": "CVE-2012-2597"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-086"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens WinCC Directory Traversal Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3213"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-086"
      }
    ],
    "trust": 1.4
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Path traversal",
    "sources": [
      {
        "db": "IVD",
        "id": "c4c1d040-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-086"
      }
    ],
    "trust": 0.8
  }
}

var-201407-0605
Vulnerability from variot

Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows local users to gain privileges by leveraging weak system-object access control. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A number of Siemens products have local privilege escalation vulnerabilities that allow an attacker to exploit vulnerabilities to escalate permissions on affected computers. Siemens SIMATIC WinCC and PCS 7 are prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges on affected computers. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. A security vulnerability exists in versions prior to Siemens SIMATIC WinCC 7.3 used by PCS7 and other products

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201407-0605",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": null,
        "scope": "eq",
        "trust": 2.4,
        "vendor": "wincc",
        "version": "6.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 2.4,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "6.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 1.2,
        "vendor": "wincc",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 1.2,
        "vendor": "wincc",
        "version": "7.1"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic pcs7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic pcs7",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic pcs7",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic pcs7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc",
        "version": "*"
      },
      {
        "model": "pcs7",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.2"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d76ea61-463f-11e9-a2da-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "d7eabc36-02a7-4430-8646-7d7359179ce3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04695"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003568"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-605"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4685"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003568"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai\nfrom Positive Technologies",
    "sources": [
      {
        "db": "BID",
        "id": "68872"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2014-4685",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2014-4685",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-04695",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "7d76ea61-463f-11e9-a2da-000c29342cb1",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "d7eabc36-02a7-4430-8646-7d7359179ce3",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-72626",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-4685",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-4685",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-04695",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201407-605",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "7d76ea61-463f-11e9-a2da-000c29342cb1",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "d7eabc36-02a7-4430-8646-7d7359179ce3",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-72626",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d76ea61-463f-11e9-a2da-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "d7eabc36-02a7-4430-8646-7d7359179ce3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04695"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72626"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003568"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-605"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4685"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows local users to gain privileges by leveraging weak system-object access control. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A number of Siemens products have local privilege escalation vulnerabilities that allow an attacker to exploit vulnerabilities to escalate permissions on affected computers. Siemens SIMATIC WinCC and PCS 7 are prone to a local privilege-escalation vulnerability. \nAttackers can exploit this issue to gain elevated privileges on affected computers. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. A security vulnerability exists in versions prior to Siemens SIMATIC WinCC 7.3 used by PCS7 and other products",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-4685"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003568"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04695"
      },
      {
        "db": "BID",
        "id": "68872"
      },
      {
        "db": "IVD",
        "id": "7d76ea61-463f-11e9-a2da-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "d7eabc36-02a7-4430-8646-7d7359179ce3"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72626"
      }
    ],
    "trust": 3.06
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-4685",
        "trust": 4.1
      },
      {
        "db": "SIEMENS",
        "id": "SSA-214365",
        "trust": 2.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-605",
        "trust": 1.3
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04695",
        "trust": 1.2
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-205-02",
        "trust": 1.1
      },
      {
        "db": "BID",
        "id": "68872",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003568",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "60392",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "60388",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "7D76EA61-463F-11E9-A2DA-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "E2D14A5E-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "D7EABC36-02A7-4430-8646-7D7359179CE3",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-72626",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "127660",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d76ea61-463f-11e9-a2da-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "d7eabc36-02a7-4430-8646-7d7359179ce3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04695"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72626"
      },
      {
        "db": "BID",
        "id": "68872"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003568"
      },
      {
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-605"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4685"
      }
    ]
  },
  "id": "VAR-201407-0605",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "7d76ea61-463f-11e9-a2da-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "d7eabc36-02a7-4430-8646-7d7359179ce3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04695"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72626"
      }
    ],
    "trust": 2.003642875
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d76ea61-463f-11e9-a2da-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "d7eabc36-02a7-4430-8646-7d7359179ce3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04695"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:31:17.778000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-214365",
        "trust": 0.8,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf"
      },
      {
        "title": "A patch for Siemens\u0027 local product privilege escalation vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/47934"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-04695"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003568"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-72626"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003568"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4685"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf"
      },
      {
        "trust": 1.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-205-02"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4685"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4685"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/68872/info"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/60388"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/60392"
      },
      {
        "trust": 0.3,
        "url": "http://www.siemens.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4684"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4683"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4685"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4686"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4682"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-04695"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72626"
      },
      {
        "db": "BID",
        "id": "68872"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003568"
      },
      {
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-605"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4685"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "7d76ea61-463f-11e9-a2da-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "d7eabc36-02a7-4430-8646-7d7359179ce3"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04695"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72626"
      },
      {
        "db": "BID",
        "id": "68872"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003568"
      },
      {
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-605"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4685"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-07-30T00:00:00",
        "db": "IVD",
        "id": "7d76ea61-463f-11e9-a2da-000c29342cb1"
      },
      {
        "date": "2014-07-30T00:00:00",
        "db": "IVD",
        "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2014-07-30T00:00:00",
        "db": "IVD",
        "id": "d7eabc36-02a7-4430-8646-7d7359179ce3"
      },
      {
        "date": "2014-07-29T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04695"
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-72626"
      },
      {
        "date": "2014-07-23T00:00:00",
        "db": "BID",
        "id": "68872"
      },
      {
        "date": "2014-07-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003568"
      },
      {
        "date": "2014-07-29T22:37:22",
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "date": "2014-07-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-605"
      },
      {
        "date": "2014-07-24T14:55:08.143000",
        "db": "NVD",
        "id": "CVE-2014-4685"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-07-30T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04695"
      },
      {
        "date": "2014-07-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-72626"
      },
      {
        "date": "2015-03-19T09:46:00",
        "db": "BID",
        "id": "68872"
      },
      {
        "date": "2014-08-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003568"
      },
      {
        "date": "2014-07-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-605"
      },
      {
        "date": "2024-11-21T02:10:42.087000",
        "db": "NVD",
        "id": "CVE-2014-4685"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "68872"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-605"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC PCS 7 Used in products such as  SIMATIC WinCC Vulnerability gained in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003568"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Permission permission and access control",
    "sources": [
      {
        "db": "IVD",
        "id": "7d76ea61-463f-11e9-a2da-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2d14a5e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "d7eabc36-02a7-4430-8646-7d7359179ce3"
      }
    ],
    "trust": 0.6
  }
}

var-201910-1741
Vulnerability from variot

Siemens SIMATIC is an automation software with a single engineering environment. WinCC supports the discovery and configuration of LAN device information using the PN-DCP protocol at the Ethernet layer.

An arbitrary file writing vulnerability exists in the Siemens SIMATIC WinCC PdlComponents.dll control. An attacker can call this function to write to any file on the computer, including generating a malicious program

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201910-1741",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "siemens",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "995b7628-c780-4004-88c0-a0c4d9a4f7f8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36477"
      }
    ]
  },
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2019-36477",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "995b7628-c780-4004-88c0-a0c4d9a4f7f8",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "CNVD",
            "id": "CNVD-2019-36477",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "995b7628-c780-4004-88c0-a0c4d9a4f7f8",
            "trust": 0.2,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "995b7628-c780-4004-88c0-a0c4d9a4f7f8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36477"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC is an automation software with a single engineering environment. WinCC supports the discovery and configuration of LAN device information using the PN-DCP protocol at the Ethernet layer. \n\r\n\r\nAn arbitrary file writing vulnerability exists in the Siemens SIMATIC WinCC PdlComponents.dll control. An attacker can call this function to write to any file on the computer, including generating a malicious program",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36477"
      },
      {
        "db": "IVD",
        "id": "995b7628-c780-4004-88c0-a0c4d9a4f7f8"
      }
    ],
    "trust": 0.72
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36477",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "995B7628-C780-4004-88C0-A0C4D9A4F7F8",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "995b7628-c780-4004-88c0-a0c4d9a4f7f8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36477"
      }
    ]
  },
  "id": "VAR-201910-1741",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "995b7628-c780-4004-88c0-a0c4d9a4f7f8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36477"
      }
    ],
    "trust": 1.40849285
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "995b7628-c780-4004-88c0-a0c4d9a4f7f8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36477"
      }
    ]
  },
  "last_update_date": "2022-05-17T02:02:22.705000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Industrial Control Device Vulnerability in Save Function of PdlComponents.dll Control of SIMATIC WinCC",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/180589"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36477"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "995b7628-c780-4004-88c0-a0c4d9a4f7f8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36477"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-22T00:00:00",
        "db": "IVD",
        "id": "995b7628-c780-4004-88c0-a0c4d9a4f7f8"
      },
      {
        "date": "2019-10-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-36477"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-01-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-36477"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Arbitrary file writing vulnerability in Siemens SIMATIC WinCC PdlComponents.dll control",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36477"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Permission permission and access control",
    "sources": [
      {
        "db": "IVD",
        "id": "995b7628-c780-4004-88c0-a0c4d9a4f7f8"
      }
    ],
    "trust": 0.2
  }
}

var-201206-0074
Vulnerability from variot

Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input. WinCC flexible is a human-machine interface for use in some machine or process applications. Siemens SIMATIC WinCC Flexible does not filter out specially crafted characters when parsing URL parameters, and there is a buffer overflow vulnerability in implementation. An attacker could exploit the vulnerability to cause a denial of service. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible.

Successful exploitation requires the DiagAgent web server to be enabled (disabled by default). ----------------------------------------------------------------------

Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch


TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA49341

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49341/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49341

RELEASE DATE: 2012-06-07

DISCUSS ADVISORY: http://secunia.com/advisories/49341/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/49341/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=49341

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: A weakness and some vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious users to disclose potentially sensitive information and system information and manipulate certain data and by malicious people to conduct spoofing and cross-site scripting attacks.

1) Certain input passed via URL parameters to two unspecified web applications is not properly sanitised before being used to construct a XPath query for XML data. This can be exploited to manipulate XPath queries by injecting arbitrary XPath code and e.g. read or write certain system settings.

2) Certain input passed via a filename to two unspecified web applications is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences.

3) Certain input passed to two unspecified web applications is not properly sanitised before being returned to the user.

4) Certain input is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain.

The weakness and the vulnerabilities are reported in version 7.0 SP3.

SOLUTION: Apply "Update 2" (please see the vendor's advisory for details).

PROVIDED AND/OR DISCOVERED BY: 1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, and Andrey Medov, Positive Technologies. 4) Reported by the vendor.

ORIGINAL ADVISORY: Siemens: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf

ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201206-0074",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "wincc sp3",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.0 sp3 to  update 2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc",
        "version": "7.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3214"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002661"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2598"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002661"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, Andrey Medov and Siemens",
    "sources": [
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-087"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2012-2598",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2012-2598",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "c4b582fe-2353-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-55879",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2012-2598",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2012-2598",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201206-087",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "c4b582fe-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-55879",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55879"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002661"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2598"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input. WinCC flexible is a human-machine interface for use in some machine or process applications. Siemens SIMATIC WinCC Flexible does not filter out specially crafted characters when parsing URL parameters, and there is a buffer overflow vulnerability in implementation. An attacker could exploit the vulnerability to cause a denial of service. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible. \n\nSuccessful exploitation requires the DiagAgent web server to be\nenabled (disabled by default). ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49341\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49341/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nRELEASE DATE:\n2012-06-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49341/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49341/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA weakness and some vulnerabilities have been reported in Siemens\nSIMATIC WinCC, which can be exploited by malicious users to disclose\npotentially sensitive information and system information and\nmanipulate certain data and by malicious people to conduct spoofing\nand cross-site scripting attacks. \n\n1) Certain input passed via URL parameters to two unspecified web\napplications is not properly sanitised before being used to construct\na XPath query for XML data. This can be exploited to manipulate XPath\nqueries by injecting arbitrary XPath code and e.g. read or write\ncertain system settings. \n\n2) Certain input passed via a filename to two unspecified web\napplications is not properly verified before being used to display\nfiles. This can be exploited to disclose the contents of arbitrary\nfiles via directory traversal sequences. \n\n3) Certain input passed to two unspecified web applications is not\nproperly sanitised before being returned to the user. \n\n4) Certain input is not properly verified before being used to\nredirect users. This can be exploited to redirect a user to an\narbitrary website e.g. when a user clicks a specially crafted link to\nthe affected script hosted on a trusted domain. \n\nThe weakness and the vulnerabilities are reported in version 7.0 SP3. \n\nSOLUTION:\nApply \"Update 2\" (please see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\n1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey\nScherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis\nBaranov, and Andrey Medov, Positive Technologies. \n4) Reported by the vendor. \n\nORIGINAL ADVISORY:\nSiemens:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf\n\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-2598"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002661"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3214"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "IVD",
        "id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55879"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      }
    ],
    "trust": 2.88
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-2598",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-158-01",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-223158",
        "trust": 1.9
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-087",
        "trust": 0.9
      },
      {
        "db": "BID",
        "id": "53837",
        "trust": 0.9
      },
      {
        "db": "SECUNIA",
        "id": "49359",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3214",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002661",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "19751",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "49341",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "C4B582FE-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-55879",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "113374",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "113371",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3214"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55879"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002661"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2598"
      }
    ]
  },
  "id": "VAR-201206-0074",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3214"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55879"
      }
    ],
    "trust": 1.6009954333333334
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3214"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:02:40.661000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-223158: Multiple Vulnerabilities in WinCC 7.0 SP3",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens WinCC Buffer Overflow Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/18134"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3214"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002661"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-55879"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002661"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2598"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.6,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-158-01.pdf"
      },
      {
        "trust": 1.9,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2598"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2598"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/49359"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/53837"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/19751"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/pages/default.aspx"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/psi_30_beta_launch"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49359/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49359/#comments"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49359"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49341/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49341/#comments"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3214"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55879"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002661"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2598"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3214"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55879"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002661"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-087"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2598"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-06-19T00:00:00",
        "db": "IVD",
        "id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-06-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-3214"
      },
      {
        "date": "2012-06-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-55879"
      },
      {
        "date": "2012-06-06T00:00:00",
        "db": "BID",
        "id": "53837"
      },
      {
        "date": "2012-06-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-002661"
      },
      {
        "date": "2012-06-08T07:05:53",
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "date": "2012-06-08T07:05:43",
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "date": "2012-06-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201206-087"
      },
      {
        "date": "2012-06-08T18:55:02.317000",
        "db": "NVD",
        "id": "CVE-2012-2598"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-06-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-3214"
      },
      {
        "date": "2012-06-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-55879"
      },
      {
        "date": "2012-06-06T00:00:00",
        "db": "BID",
        "id": "53837"
      },
      {
        "date": "2012-06-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-002661"
      },
      {
        "date": "2012-06-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201206-087"
      },
      {
        "date": "2024-11-21T01:39:17.300000",
        "db": "NVD",
        "id": "CVE-2012-2598"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-087"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens WinCC Buffer Overflow Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3214"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-087"
      }
    ],
    "trust": 1.4
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-087"
      }
    ],
    "trust": 0.8
  }
}

var-201303-0250
Vulnerability from variot

Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0250",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc tia portal",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "11.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc tia portal",
        "version": "11.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "093983e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001964"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-436"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0667"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001964"
      }
    ]
  },
  "cve": "CVE-2013-0667",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2013-0667",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "093983e0-2353-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-60669",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-0667",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-0667",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201303-436",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "093983e0-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-60669",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "093983e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60669"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001964"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-436"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0667"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-0667"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001964"
      },
      {
        "db": "IVD",
        "id": "093983e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60669"
      }
    ],
    "trust": 1.89
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-0667",
        "trust": 2.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-13-079-03",
        "trust": 2.5
      },
      {
        "db": "SIEMENS",
        "id": "SSA-212483",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-436",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001964",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "093983E0-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-60669",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "093983e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60669"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001964"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-436"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0667"
      }
    ]
  },
  "id": "VAR-201303-0250",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "093983e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60669"
      }
    ],
    "trust": 0.9086316000000001
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "093983e0-2353-11e6-abef-000c29c66e3d"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:08:32.476000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/cc/en/"
      },
      {
        "title": "SSA-212483: Vulnerabilities in WinCC (TIA Portal) V11",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/answers/jp/ja/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001964"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-79",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60669"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001964"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0667"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-03.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0667"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0667"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60669"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001964"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-436"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0667"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "093983e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60669"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001964"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-436"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0667"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-22T00:00:00",
        "db": "IVD",
        "id": "093983e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-03-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60669"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001964"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-436"
      },
      {
        "date": "2013-03-21T14:55:01.467000",
        "db": "NVD",
        "id": "CVE-2013-0667"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60669"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001964"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-436"
      },
      {
        "date": "2024-11-21T01:47:58.463000",
        "db": "NVD",
        "id": "CVE-2013-0667"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-436"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens WinCC HMI web Cross-Site Scripting Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "093983e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-436"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "XSS",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-436"
      }
    ],
    "trust": 0.6
  }
}

var-201303-0252
Vulnerability from variot

The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. A vulnerability exists in the HMI web application in Siemens WinCC (TIA Portal) version 11

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0252",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc tia portal",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "11.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc tia portal",
        "version": "11.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "092dd770-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001983"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-438"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0669"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001983"
      }
    ]
  },
  "cve": "CVE-2013-0669",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.0,
            "id": "CVE-2013-0669",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.0,
            "id": "092dd770-2353-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.0,
            "id": "VHN-60671",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-0669",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-0669",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201303-438",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "092dd770-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-60671",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "092dd770-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60671"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001983"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-438"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0669"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. A vulnerability exists in the HMI web application in Siemens WinCC (TIA Portal) version 11",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-0669"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001983"
      },
      {
        "db": "IVD",
        "id": "092dd770-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60671"
      }
    ],
    "trust": 1.89
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-0669",
        "trust": 2.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-13-079-03",
        "trust": 2.5
      },
      {
        "db": "SIEMENS",
        "id": "SSA-212483",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-438",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001983",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "092DD770-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-60671",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "092dd770-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60671"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001983"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-438"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0669"
      }
    ]
  },
  "id": "VAR-201303-0252",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "092dd770-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60671"
      }
    ],
    "trust": 0.9086316000000001
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "092dd770-2353-11e6-abef-000c29c66e3d"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:08:32.417000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/cc/en/"
      },
      {
        "title": "SSA-212483: Vulnerabilities in WinCC (TIA Portal) V11",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/answers/jp/ja/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001983"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60671"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001983"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0669"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-03.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0669"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0669"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60671"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001983"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-438"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0669"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "092dd770-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60671"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001983"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-438"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0669"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-22T00:00:00",
        "db": "IVD",
        "id": "092dd770-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-03-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60671"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001983"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-438"
      },
      {
        "date": "2013-03-21T14:55:01.497000",
        "db": "NVD",
        "id": "CVE-2013-0669"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60671"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001983"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-438"
      },
      {
        "date": "2024-11-21T01:47:58.677000",
        "db": "NVD",
        "id": "CVE-2013-0669"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-438"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens WinCC HMI web Denial of service vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "092dd770-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-438"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation",
    "sources": [
      {
        "db": "IVD",
        "id": "092dd770-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-438"
      }
    ],
    "trust": 0.8
  }
}

var-201607-0465
Vulnerability from variot

Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets. The SIMATIC WinCC (Windows Control Center) window control center is Siemens' process monitoring system, providing complete monitoring and data acquisition (SCADA) functions for the industrial sector; the PCS 7 system is a seamlessly integrated automation solution for all industrial applications. field. A remote code execution vulnerability exists in SIMATIC WinCC/PCS 7/WinCC Runtime Professional. Multiple Siemens Products are prone to a remote code-execution vulnerability. An attacker can exploit this issue to inject and execute arbitrary code in the context of the affected application. Siemens SIMATIC WinCC, etc. are all industrial automation products of Siemens (Siemens) in Germany

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201607-0465",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic openpcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic batch",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic openpcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "78.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "78.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "78.2"
      },
      {
        "model": "simatic wincc sp",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "7.03"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.4 update 1"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic pcs sp4",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003c=7.1"
      },
      {
        "model": "simatic wincc runtime professional sp update",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v1319"
      },
      {
        "model": "simatic wincc sp",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=7.02"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.3x\u003c7.310"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.4x\u003c7.41"
      },
      {
        "model": "simatic openpcs 7",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic openpcs 7",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "simatic wincc",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "simatic openpcs 7",
        "version": "*"
      },
      {
        "model": "simatic wincc runtime professional sp1 upd2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.32"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.31"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.29"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.28"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.21"
      },
      {
        "model": "simatic wincc upd4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc upd11",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc sp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.02"
      },
      {
        "model": "simatic pcs sp4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "77.1"
      },
      {
        "model": "simatic wincc runtime professional sp update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1319"
      },
      {
        "model": "simatic wincc update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.41"
      },
      {
        "model": "simatic wincc update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.310"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic batch",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "649ab73e-2968-450b-b5d3-31e462571302"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-05346"
      },
      {
        "db": "BID",
        "id": "92112"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004095"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-904"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5743"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_batch",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_openpcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004095"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sergey Temnikov and Vladimir Dashchenko, Critical Infrastructure Defence\nTeam, Kaspersky Lab.",
    "sources": [
      {
        "db": "BID",
        "id": "92112"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-5743",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2016-5743",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2016-05346",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "649ab73e-2968-450b-b5d3-31e462571302",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-94562",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2016-5743",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2016-5743",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2016-5743",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2016-05346",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201607-904",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "649ab73e-2968-450b-b5d3-31e462571302",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-94562",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "649ab73e-2968-450b-b5d3-31e462571302"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-05346"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94562"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004095"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-904"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5743"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets. The SIMATIC WinCC (Windows Control Center) window control center is Siemens\u0027 process monitoring system, providing complete monitoring and data acquisition (SCADA) functions for the industrial sector; the PCS 7 system is a seamlessly integrated automation solution for all industrial applications. field. A remote code execution vulnerability exists in SIMATIC WinCC/PCS 7/WinCC Runtime Professional. Multiple Siemens Products are prone to a remote code-execution vulnerability. \nAn  attacker can exploit this issue to inject and execute arbitrary code in the context of the affected application. Siemens SIMATIC WinCC, etc. are all industrial automation products of Siemens (Siemens) in Germany",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-5743"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004095"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-05346"
      },
      {
        "db": "BID",
        "id": "92112"
      },
      {
        "db": "IVD",
        "id": "649ab73e-2968-450b-b5d3-31e462571302"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94562"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-5743",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-378531",
        "trust": 2.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-16-208-01",
        "trust": 2.2
      },
      {
        "db": "BID",
        "id": "92112",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1036441",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-904",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-05346",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004095",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "649AB73E-2968-450B-B5D3-31E462571302",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-94562",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "649ab73e-2968-450b-b5d3-31e462571302"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-05346"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94562"
      },
      {
        "db": "BID",
        "id": "92112"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004095"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-904"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5743"
      }
    ]
  },
  "id": "VAR-201607-0465",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "649ab73e-2968-450b-b5d3-31e462571302"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-05346"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94562"
      }
    ],
    "trust": 1.5901556066666667
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "649ab73e-2968-450b-b5d3-31e462571302"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-05346"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:54:30.330000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-378531",
        "trust": 0.8,
        "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf"
      },
      {
        "title": "Patch for remote code execution vulnerability in SIMATIC WinCC/PCS 7/WinCCRuntime Professional",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/79586"
      },
      {
        "title": "Multiple Siemens Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63264"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-05346"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004095"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-904"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-94562"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004095"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5743"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf"
      },
      {
        "trust": 2.2,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-208-01"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/92112"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1036441"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5743"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5743"
      },
      {
        "trust": 0.3,
        "url": "http://www.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-05346"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94562"
      },
      {
        "db": "BID",
        "id": "92112"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004095"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-904"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5743"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "649ab73e-2968-450b-b5d3-31e462571302"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-05346"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94562"
      },
      {
        "db": "BID",
        "id": "92112"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004095"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-904"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5743"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-07-25T00:00:00",
        "db": "IVD",
        "id": "649ab73e-2968-450b-b5d3-31e462571302"
      },
      {
        "date": "2016-07-25T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-05346"
      },
      {
        "date": "2016-07-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-94562"
      },
      {
        "date": "2016-07-22T00:00:00",
        "db": "BID",
        "id": "92112"
      },
      {
        "date": "2016-08-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-004095"
      },
      {
        "date": "2016-07-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201607-904"
      },
      {
        "date": "2016-07-22T15:59:00.147000",
        "db": "NVD",
        "id": "CVE-2016-5743"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-07-25T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-05346"
      },
      {
        "date": "2016-11-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-94562"
      },
      {
        "date": "2016-07-22T00:00:00",
        "db": "BID",
        "id": "92112"
      },
      {
        "date": "2016-08-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-004095"
      },
      {
        "date": "2016-07-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201607-904"
      },
      {
        "date": "2024-11-21T02:54:56.297000",
        "db": "NVD",
        "id": "CVE-2016-5743"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-904"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens SIMATIC Vulnerabilities in products that allow arbitrary code execution",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004095"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation",
    "sources": [
      {
        "db": "IVD",
        "id": "649ab73e-2968-450b-b5d3-31e462571302"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-904"
      }
    ],
    "trust": 0.8
  }
}

var-201808-0743
Vulnerability from variot

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions < V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 6), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15 (All versions < V15 Update 2). Improper file permissions in the default installation of TIA Portal may allow an attacker with local file system access to insert specially crafted files which may prevent TIA Portal startup (Denial-of-Service) or lead to local code execution. No special privileges are required, but the victim needs to attempt to start TIA Portal after the manipulation. SIMATIC STEP 7 and WinCC (TIA Portal ) Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC STEP 7 (TIA Portal) is a set of programming software for SIMATIC controllers. The software provides PLC programming, design option packages and advanced drive technology. WinCC (TIA Portal) is an automated data acquisition and monitoring (SCADA) system. The system provides functions such as process monitoring and data acquisition. The Portal starts, causing a denial of service or execution of code. Siemens SIMATIC STEP 7 and SIMATIC WinCC are prone to multiple insecure file-permissions vulnerabilities. A local attacker can exploit these issues by gaining access to a world-readable file and extracting sensitive information from it. Information obtained may aid in other attacks

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201808-0743",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic step 7 \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic step 7 \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": "simatic step 7 \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic step 7 \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "12.0"
      },
      {
        "model": "simatic step 7 \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "11.0"
      },
      {
        "model": "simatic step 7 \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "10.0"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "10.0"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "12.0"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "11.0"
      },
      {
        "model": "simatic step 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "710"
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "711"
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "712"
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "713"
      },
      {
        "model": "simatic step sp1 update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "714.*\u003c146"
      },
      {
        "model": "simatic step update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "715.*\u003c152"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "10"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "11"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "wincc sp1 update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "14.*\u003c146"
      },
      {
        "model": "wincc update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "15.*\u003c152"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "simatic step 7 tia portal",
        "version": "13.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v120"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v110"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v10"
      },
      {
        "model": "simatic step tia portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v14"
      },
      {
        "model": "simatic step tia portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v13"
      },
      {
        "model": "simatic step tia portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v12"
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v15"
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v11"
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v10"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic step 7 tia portal",
        "version": "10.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic step 7 tia portal",
        "version": "11.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic step 7 tia portal",
        "version": "12.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic step 7 tia portal",
        "version": "14.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic step 7 tia portal",
        "version": "15.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "10.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "11.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "12.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "13.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "14.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "15.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2fc57cf-39ab-11e9-b215-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-19601"
      },
      {
        "db": "BID",
        "id": "105115"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009209"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-241"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-11453"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_step_7_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009209"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Younes Dragoni from Nozomi Networks.",
    "sources": [
      {
        "db": "BID",
        "id": "105115"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-11453",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-11453",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2018-19601",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "e2fc57cf-39ab-11e9-b215-000c29342cb1",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-121314",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2018-11453",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-11453",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-11453",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-19601",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201808-241",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e2fc57cf-39ab-11e9-b215-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-121314",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2fc57cf-39ab-11e9-b215-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-19601"
      },
      {
        "db": "VULHUB",
        "id": "VHN-121314"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009209"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-241"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-11453"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions \u003c V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Update 6), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15 (All versions \u003c V15 Update 2). Improper file permissions in the default installation of TIA Portal may allow an attacker with local file system access to insert specially crafted files which may prevent TIA Portal startup (Denial-of-Service) or lead to local code execution. No special privileges are required, but the victim needs to attempt to start TIA Portal after the manipulation. SIMATIC STEP 7 and WinCC (TIA Portal ) Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC STEP 7 (TIA Portal) is a set of programming software for SIMATIC controllers. The software provides PLC programming, design option packages and advanced drive technology. WinCC (TIA Portal) is an automated data acquisition and monitoring (SCADA) system. The system provides functions such as process monitoring and data acquisition. The Portal starts, causing a denial of service or execution of code. Siemens SIMATIC STEP 7 and SIMATIC WinCC are prone to multiple insecure file-permissions vulnerabilities. \nA local attacker can exploit these issues by gaining access to a world-readable file and extracting sensitive information from it. Information obtained may aid in other attacks",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-11453"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009209"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-19601"
      },
      {
        "db": "BID",
        "id": "105115"
      },
      {
        "db": "IVD",
        "id": "e2fc57cf-39ab-11e9-b215-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-121314"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-11453",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-979106",
        "trust": 2.3
      },
      {
        "db": "BID",
        "id": "105115",
        "trust": 2.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-226-01",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-241",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-19601",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009209",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "E2FC57CF-39AB-11E9-B215-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-121314",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2fc57cf-39ab-11e9-b215-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-19601"
      },
      {
        "db": "VULHUB",
        "id": "VHN-121314"
      },
      {
        "db": "BID",
        "id": "105115"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009209"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-241"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-11453"
      }
    ]
  },
  "id": "VAR-201808-0743",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2fc57cf-39ab-11e9-b215-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-19601"
      },
      {
        "db": "VULHUB",
        "id": "VHN-121314"
      }
    ],
    "trust": 1.6649055914285715
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2fc57cf-39ab-11e9-b215-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-19601"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:30:18.487000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-979106",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-979106.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC STEP 7 and WinCC Denial of Service Vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/140877"
      },
      {
        "title": "Siemens SIMATIC STEP 7  and WinCC Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=83960"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-19601"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009209"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-241"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-732",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-276",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-264",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-121314"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009209"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-11453"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-979106.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/105115"
      },
      {
        "trust": 1.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-226-01"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11453"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-11453"
      },
      {
        "trust": 0.3,
        "url": "http://www.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-19601"
      },
      {
        "db": "VULHUB",
        "id": "VHN-121314"
      },
      {
        "db": "BID",
        "id": "105115"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009209"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-241"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-11453"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e2fc57cf-39ab-11e9-b215-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-19601"
      },
      {
        "db": "VULHUB",
        "id": "VHN-121314"
      },
      {
        "db": "BID",
        "id": "105115"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009209"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-241"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-11453"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-09-21T00:00:00",
        "db": "IVD",
        "id": "e2fc57cf-39ab-11e9-b215-000c29342cb1"
      },
      {
        "date": "2018-09-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-19601"
      },
      {
        "date": "2018-08-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-121314"
      },
      {
        "date": "2018-08-14T00:00:00",
        "db": "BID",
        "id": "105115"
      },
      {
        "date": "2018-11-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-009209"
      },
      {
        "date": "2018-08-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201808-241"
      },
      {
        "date": "2018-08-07T15:29:00.247000",
        "db": "NVD",
        "id": "CVE-2018-11453"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-09-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-19601"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-121314"
      },
      {
        "date": "2018-08-14T00:00:00",
        "db": "BID",
        "id": "105115"
      },
      {
        "date": "2019-01-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-009209"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201808-241"
      },
      {
        "date": "2024-11-21T03:43:23.977000",
        "db": "NVD",
        "id": "CVE-2018-11453"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "105115"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-241"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SIMATIC STEP 7 and  WinCC Vulnerabilities related to authorization, permissions, and access control",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009209"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control issues",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-241"
      }
    ],
    "trust": 0.6
  }
}

var-202205-0677
Vulnerability from variot

A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC06), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1 UC01), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Upd4), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 21), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 8). A missing printer configuration on the host could allow an authenticated attacker to escape the WinCC Kiosk Mode. Siemens' SIMATIC PCS 7 , SIMATIC WinCC , SIMATIC WinCC Runtime Professional contains an insecure initialization of resources to default values.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and supervisory control (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operator control and monitoring of machines and plants. Siemens SIMATIC WinCC

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202205-0677",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "17"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=v7.4"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v9.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003c=v9.0"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=v16"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v17"
      },
      {
        "model": "simatic wincc sp2 update",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.58"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-36387"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-010187"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-24287"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported this vulnerability to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-2738"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2022-24287",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2022-24287",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2022-36387",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-413914",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2022-24287",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2022-24287",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2022-24287",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2022-24287",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2022-24287",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2022-36387",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202205-2738",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-413914",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-36387"
      },
      {
        "db": "VULHUB",
        "id": "VHN-413914"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-010187"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-2738"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-24287"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-24287"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3 UC06), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP1 UC01), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions \u003c V17 Upd4), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 21), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 8). A missing printer configuration on the host could allow an authenticated attacker to escape the WinCC Kiosk Mode. Siemens\u0027 SIMATIC PCS 7 , SIMATIC WinCC , SIMATIC WinCC Runtime Professional contains an insecure initialization of resources to default values.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and supervisory control (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operator control and monitoring of machines and plants. Siemens SIMATIC WinCC",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-24287"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-010187"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-36387"
      },
      {
        "db": "VULHUB",
        "id": "VHN-413914"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-24287"
      }
    ],
    "trust": 2.34
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-24287",
        "trust": 4.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-363107",
        "trust": 3.1
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-132-06",
        "trust": 1.5
      },
      {
        "db": "JVN",
        "id": "JVNVU92977068",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-010187",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-36387",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.2356",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022051718",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-2738",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-413914",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-24287",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-36387"
      },
      {
        "db": "VULHUB",
        "id": "VHN-413914"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-24287"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-010187"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-2738"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-24287"
      }
    ]
  },
  "id": "VAR-202205-0677",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-36387"
      },
      {
        "db": "VULHUB",
        "id": "VHN-413914"
      }
    ],
    "trust": 1.390281485
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-36387"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:50:30.100000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Siemens SIMATIC WinCC Kiosk Mode Improper Initialization Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/332571"
      },
      {
        "title": "Siemens SIMATIC WinCC Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=245484"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-36387"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-2738"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-1188",
        "trust": 1.0
      },
      {
        "problemtype": "Initializing Resources to Unsafe Default Values (CWE-1188) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-010187"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-24287"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-363107.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu92977068/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-24287"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-132-06"
      },
      {
        "trust": 0.6,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-363107.html"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/siemens-simatic-wincc-user-access-via-kiosk-mode-38295"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-132-06"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022051718"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-24287/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.2356"
      },
      {
        "trust": 0.1,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-06"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-36387"
      },
      {
        "db": "VULHUB",
        "id": "VHN-413914"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-24287"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-010187"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-2738"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-24287"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-36387"
      },
      {
        "db": "VULHUB",
        "id": "VHN-413914"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-24287"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-010187"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-2738"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-24287"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-05-12T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2022-36387"
      },
      {
        "date": "2022-05-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-413914"
      },
      {
        "date": "2023-08-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-010187"
      },
      {
        "date": "2022-05-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202205-2738"
      },
      {
        "date": "2022-05-20T13:15:14.680000",
        "db": "NVD",
        "id": "CVE-2022-24287"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-05-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2022-36387"
      },
      {
        "date": "2022-06-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-413914"
      },
      {
        "date": "2023-08-10T08:26:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-010187"
      },
      {
        "date": "2023-07-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202205-2738"
      },
      {
        "date": "2024-11-21T06:50:05.667000",
        "db": "NVD",
        "id": "CVE-2022-24287"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-2738"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Insecure initialization of resources to default values \u200b\u200bin multiple Siemens products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-010187"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-2738"
      }
    ],
    "trust": 0.6
  }
}

var-201007-0198
Vulnerability from variot

Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. The Siemens SIMATIC WinCC data uses the built-in user name and password and does not inform the user that it needs to be modified. An attacker can use this information to read database data or inject code into a database. Siemens SIMATIC WinCC is affected by a vulnerability that allows attackers to bypass security. Successfully exploiting this issue may lead to further attacks. ----------------------------------------------------------------------

"From 2007 to 2009 vulnerabilities in a typical end-user PC almost doubled from about 220 to 420."

Non-Microsoft software to blame for increase in vulnerabilities affecting typical Windows end-users, read more:

http://secunia.com/gfx/pdf/Secunia_Half_Year_Report_2010.pdf


TITLE: Siemens SIMATIC WinCC Undocumented Database User Account

SECUNIA ADVISORY ID: SA40682

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40682/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40682

RELEASE DATE: 2010-07-24

DISCUSS ADVISORY: http://secunia.com/advisories/40682/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/40682/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=40682

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: A security issue has been reported in Siemens SIMATIC WinCC, which can be exploited by malicious people to gain unauthorised access.

SOLUTION: Restrict network access to the database to trusted users only.

PROVIDED AND/OR DISCOVERED BY: Discovered in the wild.

ORIGINAL ADVISORY: http://www.wilderssecurity.com/showpost.php?p=1712134&postcount=22 http://www.f-secure.com/weblog/archives/00001987.html

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/


About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201007-0198",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 2.5,
        "vendor": "siemens",
        "version": "6.2"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "6.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "6.1"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 1.2,
        "vendor": "simatic pcs 7",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 1.2,
        "vendor": "simatic pcs 7",
        "version": "7.1"
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic wincc",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic wincc",
        "version": "6.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic wincc",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic pcs 7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic pcs 7",
        "version": "6.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic pcs 7",
        "version": "6.1"
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "06a89dde-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-1369"
      },
      {
        "db": "BID",
        "id": "41753"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001829"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201007-241"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-2772"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens",
    "sources": [
      {
        "db": "BID",
        "id": "41753"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2010-2772",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.9,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "CVE-2010-2772",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.9,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "06a89dde-2356-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.9,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.9,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.9,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "VHN-45377",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2010-2772",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2010-2772",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2010-2772",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2010-2772",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201007-241",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "06a89dde-2356-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-45377",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2010-2772",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "06a89dde-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-45377"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-2772"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001829"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201007-241"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-2772"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. The Siemens SIMATIC WinCC data uses the built-in user name and password and does not inform the user that it needs to be modified. An attacker can use this information to read database data or inject code into a database. Siemens SIMATIC WinCC is affected by a vulnerability that allows attackers to bypass security.  Successfully exploiting this issue may lead to further attacks. ----------------------------------------------------------------------\n\n\n\"From 2007 to 2009 vulnerabilities in a typical end-user PC almost doubled from about 220 to 420.\"\n\nNon-Microsoft software to blame for increase in vulnerabilities affecting typical Windows end-users, read more:\n\nhttp://secunia.com/gfx/pdf/Secunia_Half_Year_Report_2010.pdf\n\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Undocumented Database User Account\n\nSECUNIA ADVISORY ID:\nSA40682\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40682/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40682\n\nRELEASE DATE:\n2010-07-24\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40682/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40682/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40682\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA security issue has been reported in Siemens SIMATIC WinCC, which\ncan be exploited by malicious people to gain unauthorised access. \n\nSOLUTION:\nRestrict network access to the database to trusted users only. \n\nPROVIDED AND/OR DISCOVERED BY:\nDiscovered in the wild. \n\nORIGINAL ADVISORY:\nhttp://www.wilderssecurity.com/showpost.php?p=1712134\u0026postcount=22\nhttp://www.f-secure.com/weblog/archives/00001987.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-2772"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001829"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-1369"
      },
      {
        "db": "BID",
        "id": "41753"
      },
      {
        "db": "IVD",
        "id": "06a89dde-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-45377"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-2772"
      },
      {
        "db": "PACKETSTORM",
        "id": "92130"
      }
    ],
    "trust": 3.24
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2010-2772",
        "trust": 4.3
      },
      {
        "db": "BID",
        "id": "41753",
        "trust": 2.9
      },
      {
        "db": "SECUNIA",
        "id": "40682",
        "trust": 2.1
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-205-01",
        "trust": 2.0
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-1893",
        "trust": 1.9
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201007-241",
        "trust": 1.3
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-1369",
        "trust": 1.0
      },
      {
        "db": "XF",
        "id": "60587",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001829",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "06A89DDE-2356-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "7D70CFDF-463F-11E9-AD83-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "407E95F0-1FB3-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-45377",
        "trust": 0.1
      },
      {
        "db": "VUPEN",
        "id": "2010/1893",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-2772",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "92130",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "06a89dde-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-1369"
      },
      {
        "db": "VULHUB",
        "id": "VHN-45377"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-2772"
      },
      {
        "db": "BID",
        "id": "41753"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001829"
      },
      {
        "db": "PACKETSTORM",
        "id": "92130"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201007-241"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-2772"
      }
    ]
  },
  "id": "VAR-201007-0198",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "06a89dde-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-1369"
      },
      {
        "db": "VULHUB",
        "id": "VHN-45377"
      }
    ],
    "trust": 1.9286399
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "06a89dde-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-1369"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:46:22.480000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Product\u00a0Support",
        "trust": 0.8,
        "url": "http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo\u0026aktprim=0\u0026siteid=cseus\u0026lang=en\u0026siteid=cseus\u0026groupid=4000003\u0026groupid=4000003\u0026groupid=4000003\u0026extranet=standard\u0026viewreg=WW\u0026nodeid0=10805583"
      },
      {
        "title": "Siemens SIMATIC WinCC default password security bypass vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/81338"
      },
      {
        "title": "win32-stuxnet",
        "trust": 0.1,
        "url": "https://github.com/uraninite/win32-stuxnet "
      },
      {
        "title": "welivesecurity",
        "trust": 0.1,
        "url": "https://www.welivesecurity.com/2016/06/07/infrastructure-attacks-next-generation/"
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/kelihos-update-includes-new-tld-and-usb-infection-capabilities-121112/77299/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-1369"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-2772"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001829"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-798",
        "trust": 1.0
      },
      {
        "problemtype": "Use hard-coded credentials (CWE-798) [NVD evaluation ]",
        "trust": 0.8
      },
      {
        "problemtype": "CWE-255",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-45377"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001829"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-2772"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://www.securityfocus.com/bid/41753"
      },
      {
        "trust": 2.0,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-12-205-01"
      },
      {
        "trust": 2.0,
        "url": "http://secunia.com/advisories/40682"
      },
      {
        "trust": 2.0,
        "url": "http://www.vupen.com/english/advisories/2010/1893"
      },
      {
        "trust": 1.8,
        "url": "http://www.sea.siemens.com/us/news/industrial/pages/wincc_update.aspx"
      },
      {
        "trust": 1.8,
        "url": "http://infoworld.com/d/security-central/new-weaponized-virus-targets-industrial-secrets-725"
      },
      {
        "trust": 1.8,
        "url": "http://infoworld.com/d/security-central/siemens-warns-users-dont-change-passwords-after-worm-attack-915?sourcefssr"
      },
      {
        "trust": 1.8,
        "url": "http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/"
      },
      {
        "trust": 1.8,
        "url": "http://www.wired.com/threatlevel/2010/07/siemens-scada/"
      },
      {
        "trust": 1.7,
        "url": "http://www.automation.siemens.com/forum/guests/postshow.aspx?postid=16127\u002616127\u0026language=en\u0026pageindex=1"
      },
      {
        "trust": 1.4,
        "url": "http://support.automation.siemens.com/ww/llisapi.dll?func=cslib.csinfo\u0026lang=en\u0026objid=43876783\u0026caller=viewhttp://support.automation.siemens.com/ww/llisapi.dll?func=cslib.csinfo\u0026lang=en\u0026objid=43876783\u0026c"
      },
      {
        "trust": 1.3,
        "url": "http://www.f-secure.com/weblog/archives/00001987.html"
      },
      {
        "trust": 1.2,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60587"
      },
      {
        "trust": 1.2,
        "url": "http://www.wilderssecurity.com/showpost.php?p=1712134\u0026postcount=22"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2772"
      },
      {
        "trust": 0.8,
        "url": "http://xforce.iss.net/xforce/xfdb/60587"
      },
      {
        "trust": 0.6,
        "url": "http://it.slashdot.org/comments.pl?sid=1721020"
      },
      {
        "trust": 0.3,
        "url": "http://it.slashdot.org/comments.pl?sid=1721020\u0026cid=32920758"
      },
      {
        "trust": 0.3,
        "url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx"
      },
      {
        "trust": 0.3,
        "url": "https://www.automation.siemens.com/forum/guests/postshow.aspx?postid=16127\u0026language=en\u0026pageindex=2"
      },
      {
        "trust": 0.1,
        "url": "http://support.automation.siemens.com/ww/llisapi.dll?func=cslib.csinfo\u0026amp;lang=en\u0026amp;objid=43876783\u0026amp;caller=viewhttp://support.automation.siemens.com/ww/llisapi.dll?func=cslib.csinfo\u0026amp;lang=en\u0026amp;objid=43876783\u0026amp;c"
      },
      {
        "trust": 0.1,
        "url": "http://www.automation.siemens.com/forum/guests/postshow.aspx?postid=16127\u0026amp;16127\u0026amp;language=en\u0026amp;pageindex=1"
      },
      {
        "trust": 0.1,
        "url": "http://www.wilderssecurity.com/showpost.php?p=1712134\u0026amp;postcount=22"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/255.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/uraninite/win32-stuxnet"
      },
      {
        "trust": 0.1,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=20969"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://threatpost.com/kelihos-update-includes-new-tld-and-usb-infection-capabilities-121112/77299/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40682"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/products/corporate/evm/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/40682/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/40682/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/gfx/pdf/secunia_half_year_report_2010.pdf"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-1369"
      },
      {
        "db": "VULHUB",
        "id": "VHN-45377"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-2772"
      },
      {
        "db": "BID",
        "id": "41753"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001829"
      },
      {
        "db": "PACKETSTORM",
        "id": "92130"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201007-241"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-2772"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "06a89dde-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-1369"
      },
      {
        "db": "VULHUB",
        "id": "VHN-45377"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-2772"
      },
      {
        "db": "BID",
        "id": "41753"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001829"
      },
      {
        "db": "PACKETSTORM",
        "id": "92130"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201007-241"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-2772"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-07-23T00:00:00",
        "db": "IVD",
        "id": "06a89dde-2356-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2010-07-18T00:00:00",
        "db": "IVD",
        "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1"
      },
      {
        "date": "2010-07-18T00:00:00",
        "db": "IVD",
        "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2010-07-18T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2010-1369"
      },
      {
        "date": "2010-07-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-45377"
      },
      {
        "date": "2010-07-22T00:00:00",
        "db": "VULMON",
        "id": "CVE-2010-2772"
      },
      {
        "date": "2010-07-16T00:00:00",
        "db": "BID",
        "id": "41753"
      },
      {
        "date": "2010-08-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001829"
      },
      {
        "date": "2010-07-26T12:08:47",
        "db": "PACKETSTORM",
        "id": "92130"
      },
      {
        "date": "2010-07-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201007-241"
      },
      {
        "date": "2010-07-22T05:43:58.250000",
        "db": "NVD",
        "id": "CVE-2010-2772"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-09-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2010-1369"
      },
      {
        "date": "2017-08-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-45377"
      },
      {
        "date": "2017-08-17T00:00:00",
        "db": "VULMON",
        "id": "CVE-2010-2772"
      },
      {
        "date": "2015-03-19T09:27:00",
        "db": "BID",
        "id": "41753"
      },
      {
        "date": "2024-03-01T04:05:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001829"
      },
      {
        "date": "2010-07-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201007-241"
      },
      {
        "date": "2024-11-21T01:17:21.660000",
        "db": "NVD",
        "id": "CVE-2010-2772"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201007-241"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC Default Password Security Bypass Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-1369"
      },
      {
        "db": "BID",
        "id": "41753"
      }
    ],
    "trust": 1.3
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Trust management",
    "sources": [
      {
        "db": "IVD",
        "id": "06a89dde-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "7d70cfdf-463f-11e9-ad83-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "407e95f0-1fb3-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201007-241"
      }
    ],
    "trust": 1.2
  }
}

var-201910-1744
Vulnerability from variot

Siemens SIMATIC is an automation software with a single engineering environment. WinCC supports the discovery and configuration of LAN device information using the PN-DCP protocol at the Ethernet layer.

A stack overflow vulnerability exists in the Siemens SIMATIC WinCC CCScriptConv.dll control. An attacker can execute arbitrary code by constructing parameters

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201910-1744",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "siemens",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6f4c1354-100f-4d0c-95ee-286ce5344366"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36484"
      }
    ]
  },
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2019-36484",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "6f4c1354-100f-4d0c-95ee-286ce5344366",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "CNVD",
            "id": "CNVD-2019-36484",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "6f4c1354-100f-4d0c-95ee-286ce5344366",
            "trust": 0.2,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6f4c1354-100f-4d0c-95ee-286ce5344366"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36484"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC is an automation software with a single engineering environment. WinCC supports the discovery and configuration of LAN device information using the PN-DCP protocol at the Ethernet layer. \n\r\n\r\nA stack overflow vulnerability exists in the Siemens SIMATIC WinCC CCScriptConv.dll control. An attacker can execute arbitrary code by constructing parameters",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36484"
      },
      {
        "db": "IVD",
        "id": "6f4c1354-100f-4d0c-95ee-286ce5344366"
      }
    ],
    "trust": 0.72
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36484",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "6F4C1354-100F-4D0C-95EE-286CE5344366",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6f4c1354-100f-4d0c-95ee-286ce5344366"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36484"
      }
    ]
  },
  "id": "VAR-201910-1744",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "6f4c1354-100f-4d0c-95ee-286ce5344366"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36484"
      }
    ],
    "trust": 1.40849285
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6f4c1354-100f-4d0c-95ee-286ce5344366"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36484"
      }
    ]
  },
  "last_update_date": "2022-05-17T01:47:50.329000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Binary Vulnerability in SilentUpgrade Function of CCScriptConv.dll Control of SIMATIC WinCC",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/180603"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36484"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "6f4c1354-100f-4d0c-95ee-286ce5344366"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36484"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-22T00:00:00",
        "db": "IVD",
        "id": "6f4c1354-100f-4d0c-95ee-286ce5344366"
      },
      {
        "date": "2019-10-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-36484"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-01-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-36484"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC CCScriptConv.dll Control has a stack overflow vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "6f4c1354-100f-4d0c-95ee-286ce5344366"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36484"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "6f4c1354-100f-4d0c-95ee-286ce5344366"
      }
    ],
    "trust": 0.2
  }
}

var-201905-1321
Vulnerability from variot

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The Siemens SIMATIC PCS 7 and SIMATIC WinCC input validation error vulnerability stems from a network system or product that does not properly validate the input data, and an authenticated attacker can exploit the vulnerability to execute arbitrary commands with SYSTEM privileges. Siemens SIMATIC products are prone to following security vulnerabilities: 1. A denial-of-service vulnerability 2. An SQL injection vulnerability3. 3. An arbitrary command execution Exploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. The following Siemens SIMATIC products are affected: SIMATIC PCS 7 version 8.0 and prior SIMATIC PCS 7 version 8.1 SIMATIC PCS 7 version 8.2 SIMATIC PCS 7 version 9.0 SIMATIC WinCC (TIA Portal) version 13 SIMATIC WinCC (TIA Portal) version 14 SIMATIC WinCC (TIA Portal) version 15 SIMATIC WinCC Runtime Professional, all version SIMATIC WinCC version 7.2 and prior SIMATIC WinCC version 7.3 SIMATIC WinCC version 7.4 SIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201905-1321",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v14"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v15"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.1.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.3.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.5 upd3"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "13.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "14.x"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.0 and earlier"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.2.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.4.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "15.x"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.2 and earlier"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "9.0.x"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003c=v8.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=v7.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v9.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.3"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.4"
      },
      {
        "model": "simatic wincc upd3",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.5.*\u003cv7.5"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "6.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "79.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "77"
      },
      {
        "model": "simatic wincc update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.53"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "8.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "9.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.4"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "13.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "14.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "15.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc runtime professional",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10918"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vladimir Dashchenko and Sergey Temnikov from Kaspersky Lab,ChengBin Wang from ZheJiang Guoli Security Technology, and ChengBin Wang from Guoli Security Technology reported these vulnerabilities to Siemens., CNCERT/CC",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-592"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-10918",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "CVE-2019-10918",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "CNVD-2019-14940",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "VHN-142512",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2019-10918",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2019-10918",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-10918",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-10918",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-14940",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201905-592",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142512",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2019-10918",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142512"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10918"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-592"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10918"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions \u003c V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd 3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The Siemens SIMATIC PCS 7 and SIMATIC WinCC input validation error vulnerability stems from a network system or product that does not properly validate the input data, and an authenticated attacker can exploit the vulnerability to execute arbitrary commands with SYSTEM privileges. Siemens SIMATIC products are prone to following security vulnerabilities:\n1. A denial-of-service vulnerability\n2. An SQL injection vulnerability3. \n3. An arbitrary command execution\nExploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. \nThe following Siemens SIMATIC products are affected:\nSIMATIC PCS 7 version 8.0 and prior\nSIMATIC PCS 7 version 8.1\nSIMATIC PCS 7 version 8.2\nSIMATIC PCS 7 version 9.0\nSIMATIC WinCC (TIA Portal) version 13\nSIMATIC WinCC (TIA Portal) version 14\nSIMATIC WinCC (TIA Portal) version 15\nSIMATIC WinCC Runtime Professional, all version\nSIMATIC WinCC version 7.2 and prior\nSIMATIC WinCC version 7.3\nSIMATIC WinCC version 7.4\nSIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10918"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "IVD",
        "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142512"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10918"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-10918",
        "trust": 3.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-08",
        "trust": 3.5
      },
      {
        "db": "SIEMENS",
        "id": "SSA-697412",
        "trust": 1.8
      },
      {
        "db": "BID",
        "id": "108404",
        "trust": 1.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-592",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-02",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1716.2",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "63A18FD7-D96A-4DF7-A648-6F834337CFC7",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-142512",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10918",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142512"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10918"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-592"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10918"
      }
    ]
  },
  "id": "VAR-201905-1321",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142512"
      }
    ],
    "trust": 1.5496564849999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:37:16.574000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-697412",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"
      },
      {
        "title": "Siemens SIMATIC PCS 7 and SIMATIC WinCC input patches for verification error vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/161829"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=8ee2a5f6493c2fed7b0aee2edd85e1cb"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10918"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-749",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142512"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10918"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-08"
      },
      {
        "trust": 1.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-08"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10918"
      },
      {
        "trust": 1.3,
        "url": "http://www.securityfocus.com/bid/108404"
      },
      {
        "trust": 0.9,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10918"
      },
      {
        "trust": 0.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/80946"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29286"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/20.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142512"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10918"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-592"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10918"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142512"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10918"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-592"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10918"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-21T00:00:00",
        "db": "IVD",
        "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7"
      },
      {
        "date": "2019-05-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142512"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-10918"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108404"
      },
      {
        "date": "2019-06-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-592"
      },
      {
        "date": "2019-05-14T20:29:02.483000",
        "db": "NVD",
        "id": "CVE-2019-10918"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "date": "2019-10-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142512"
      },
      {
        "date": "2019-10-10T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-10918"
      },
      {
        "date": "2019-05-22T06:00:00",
        "db": "BID",
        "id": "108404"
      },
      {
        "date": "2019-07-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      },
      {
        "date": "2021-10-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-592"
      },
      {
        "date": "2024-11-21T04:20:08.927000",
        "db": "NVD",
        "id": "CVE-2019-10918"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-592"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  SIMATIC Vulnerability related to input validation in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-592"
      }
    ],
    "trust": 0.6
  }
}

var-202006-1828
Vulnerability from variot

A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges. plural SIMATIC The product contains vulnerabilities in unquoted search paths or elements.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Opera Software, Opera, etc. are all products of Opera Software in Norway. Opera is a web browser, Siemens SIMATIC S7-1500, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 is a programmable logic controller. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Code issue vulnerabilities exist in several products. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1828",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic pcs neo",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic prosave",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic automatic tool",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics starter commissioning tool",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc open architecture",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.17"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic net pc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic net pc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic step 7",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "sinec network management system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic step 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "sinema server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic step 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.6"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "sinamics startdrive",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinumerik one virtual",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinumerik operate",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc open architecture",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.16"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "21.8"
      },
      {
        "model": "simatic step 7",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.6"
      },
      {
        "model": "simatic automation tool",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic net pc software",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pcs neo",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic prosave",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic step 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc oa",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7580"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_automation_tool",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_neo",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_prosave",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_step_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_open_architecture",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ander Martinez of Titanium Industrial Security and INCIBE reported this vulnerability to Siemens.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2020-7580",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2020-7580",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.1,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.2,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-006496",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "VHN-185705",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 0.8,
            "id": "CVE-2020-7580",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 6.7,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-006496",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "High",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2020-7580",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "JVNDB-2020-006496",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202006-636",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-185705",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2020-7580",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-185705"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-7580"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7580"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC Automation Tool (All versions \u003c V4 SP2), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Upd3), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC ProSave (All versions \u003c V17), SIMATIC S7-1500 Software Controller (All versions \u003c V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMATIC STEP 7 V5 (All versions \u003c V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions \u003c V3.16 P018), SIMATIC WinCC OA V3.17 (All versions \u003c V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions \u003c V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions \u003c V16 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 3), SINAMICS STARTER (All Versions \u003c V5.4 HF2), SINAMICS Startdrive (All Versions \u003c V16 Update 3), SINEC NMS (All versions \u003c V1.0 SP2), SINEMA Server (All versions \u003c V14 SP3), SINUMERIK ONE virtual (All Versions \u003c V6.14), SINUMERIK Operate (All Versions \u003c V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges. plural SIMATIC The product contains vulnerabilities in unquoted search paths or elements.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Opera Software, Opera, etc. are all products of Opera Software in Norway. Opera is a web browser, Siemens SIMATIC S7-1500, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 is a programmable logic controller. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Code issue vulnerabilities exist in several products. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-7580"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "db": "VULHUB",
        "id": "VHN-185705"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-7580"
      }
    ],
    "trust": 1.8
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-7580",
        "trust": 2.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-20-161-04",
        "trust": 2.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-312271",
        "trust": 1.8
      },
      {
        "db": "JVN",
        "id": "JVNVU97501786",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-636",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.2015",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-185705",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-7580",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-185705"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-7580"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7580"
      }
    ]
  },
  "id": "VAR-202006-1828",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-185705"
      }
    ],
    "trust": 0.6991104690909089
  },
  "last_update_date": "2024-11-23T20:22:32.187000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-312271:Unquoted Search Path Vulnerabilities in Windows-based Industrial Software Applications",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf"
      },
      {
        "title": "Multiple Siemens Product code issue vulnerability fixes",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=121186"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=9c51f352314e5a42566d9203d2f1e0a2"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2020-7580"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-428",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-185705"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7580"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.2,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04"
      },
      {
        "trust": 1.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7580"
      },
      {
        "trust": 1.2,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-04"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7580"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu97501786/"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-code-execution-via-windows-exe-extension-32489"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.2015/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/428.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-20-161-04"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-185705"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-7580"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7580"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-185705"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-7580"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7580"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-06-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-185705"
      },
      {
        "date": "2020-06-10T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-7580"
      },
      {
        "date": "2020-07-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "date": "2020-06-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      },
      {
        "date": "2020-06-10T17:15:12.347000",
        "db": "NVD",
        "id": "CVE-2020-7580"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-12-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-185705"
      },
      {
        "date": "2022-04-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-7580"
      },
      {
        "date": "2020-07-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "date": "2022-12-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      },
      {
        "date": "2024-11-21T05:37:24.840000",
        "db": "NVD",
        "id": "CVE-2020-7580"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  SIMATIC Vulnerabilities in unquoted search paths or elements in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "code problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      }
    ],
    "trust": 0.6
  }
}

var-202003-0764
Vulnerability from variot

A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions < V8.2 Upd12), SIMATIC BATCH V9.0 (All versions < V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15.1 (All versions < V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (All versions < V16 Update 1), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition. Successful exploitation requires no system privileges and no user interaction. Multiple Siemens products contain input validation vulnerabilities.Service operation interruption (DoS) It may be put into a state. Both Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of the German company Siemens. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is a set of automated data acquisition and monitoring (SCADA) system. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected:

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202003-0764",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "14.0.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "openpcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "openpcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0_update_1"
      },
      {
        "model": "simatic net pc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic route control",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.5.1"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic net pc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic route control",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic net pc software",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic openpcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic route control",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic net pc-software",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "openpcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.1"
      },
      {
        "model": "openpcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.2"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.1"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.2"
      },
      {
        "model": "simatic route control",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.1"
      },
      {
        "model": "simatic route control",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.3"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.4"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v9.0"
      },
      {
        "model": "openpcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v9.0"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v9.0"
      },
      {
        "model": "simatic route control",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v9.0"
      },
      {
        "model": "simatic wincc upd1",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.5.1"
      },
      {
        "model": "simatic wincc sp2",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "simatic wincc",
        "version": "13"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "openpcs 7",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "openpcs 7",
        "version": "8.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "openpcs 7",
        "version": "9.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic batch",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic batch",
        "version": "8.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic batch",
        "version": "9.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic net pc",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic net pc",
        "version": "16"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "8.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "9.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic route control",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic route control",
        "version": "8.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic route control",
        "version": "9.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.4"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.5.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "14.0.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "15.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "16"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-23038"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014892"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-19282"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_openpcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_route_control",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014892"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Nicholas Miles from Tenable reported this vulnerability to Siemens.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202002-592"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-19282",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2019-19282",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.1,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.1,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2019-014892",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2020-23038",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-151713",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-19282",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2019-014892",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-19282",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2019-19282",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "JVNDB-2019-014892",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2020-23038",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202002-592",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-151713",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2019-19282",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-23038"
      },
      {
        "db": "VULHUB",
        "id": "VHN-151713"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-19282"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014892"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202002-592"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-19282"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-19282"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions \u003c V8.2 Upd12), SIMATIC BATCH V9.0 (All versions \u003c V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions \u003c V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (All versions \u003c V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15.1 (All versions \u003c V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (All versions \u003c V16 Update 1), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition. \nSuccessful exploitation requires no system privileges and no user interaction. Multiple Siemens products contain input validation vulnerabilities.Service operation interruption (DoS) It may be put into a state. Both Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of the German company Siemens. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is a set of automated data acquisition and monitoring (SCADA) system. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected:",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-19282"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014892"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-23038"
      },
      {
        "db": "IVD",
        "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098"
      },
      {
        "db": "VULHUB",
        "id": "VHN-151713"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-19282"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-19282",
        "trust": 3.4
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-20-042-06",
        "trust": 2.1
      },
      {
        "db": "SIEMENS",
        "id": "SSA-270778",
        "trust": 1.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-23038",
        "trust": 0.9
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202002-592",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014892",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-20-042-08",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-20-042-07",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-20-042-05",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-20-042-03",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-20-042-04",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-20-042-09",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-20-042-02",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-20-042-01",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-20-042-10",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.0486",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.0486.2",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.0486.3",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "F4962B74-9C97-44A9-9A1D-5D93CF01F098",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-151713",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-19282",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-23038"
      },
      {
        "db": "VULHUB",
        "id": "VHN-151713"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-19282"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014892"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202002-592"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-19282"
      }
    ]
  },
  "id": "VAR-202003-0764",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-23038"
      },
      {
        "db": "VULHUB",
        "id": "VHN-151713"
      }
    ],
    "trust": 1.62645873125
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-23038"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:20:20.713000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-270778",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf"
      },
      {
        "title": "Patch for Multiple Siemens product input verification error vulnerabilities (CNVD-2020-23038)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/214033"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=800a481f0929c6152050035d1acdb727"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-23038"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-19282"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014892"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-131",
        "trust": 1.0
      },
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-151713"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014892"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-19282"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-06"
      },
      {
        "trust": 1.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-19282"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-19282"
      },
      {
        "trust": 0.6,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-10"
      },
      {
        "trust": 0.6,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-09"
      },
      {
        "trust": 0.6,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-08"
      },
      {
        "trust": 0.6,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-07"
      },
      {
        "trust": 0.6,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-05"
      },
      {
        "trust": 0.6,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-04"
      },
      {
        "trust": 0.6,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-03"
      },
      {
        "trust": 0.6,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-02"
      },
      {
        "trust": 0.6,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-01"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.0486/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.0486.2/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.0486.3/"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-042-06"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-20-042-06"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-23038"
      },
      {
        "db": "VULHUB",
        "id": "VHN-151713"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-19282"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014892"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202002-592"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-19282"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-23038"
      },
      {
        "db": "VULHUB",
        "id": "VHN-151713"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-19282"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014892"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202002-592"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-19282"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-02-11T00:00:00",
        "db": "IVD",
        "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098"
      },
      {
        "date": "2020-04-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-23038"
      },
      {
        "date": "2020-03-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-151713"
      },
      {
        "date": "2020-03-10T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-19282"
      },
      {
        "date": "2020-03-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-014892"
      },
      {
        "date": "2020-02-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202002-592"
      },
      {
        "date": "2020-03-10T20:15:18.960000",
        "db": "NVD",
        "id": "CVE-2019-19282"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-04-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-23038"
      },
      {
        "date": "2020-10-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-151713"
      },
      {
        "date": "2022-04-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-19282"
      },
      {
        "date": "2020-03-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-014892"
      },
      {
        "date": "2023-04-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202002-592"
      },
      {
        "date": "2024-11-21T04:34:29.480000",
        "db": "NVD",
        "id": "CVE-2019-19282"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202002-592"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation vulnerabilities in multiple Siemens products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-014892"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation error",
    "sources": [
      {
        "db": "IVD",
        "id": "f4962b74-9c97-44a9-9a1d-5d93cf01f098"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202002-592"
      }
    ],
    "trust": 0.8
  }
}

var-202402-1389
Vulnerability from variot

A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain malformed RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server. openpcs 7 , SIMATIC BATCH , SIMATIC PCS 7 For multiple Siemens products, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components. SIMATIC WinCC is a supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operator control and monitoring of machines and plants

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202402-1389",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc runtime professional",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "18"
      },
      {
        "model": "openpcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic route control",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "19"
      },
      {
        "model": "simatic batch",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic batch",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic route control",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "openpcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.4"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v9.1"
      },
      {
        "model": "openpcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "79.1"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic route control",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v18"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v19"
      },
      {
        "model": "simatic wincc sp2 update",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.515"
      },
      {
        "model": "simatic wincc sp4",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "8.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-09314"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-027393"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-48364"
      }
    ]
  },
  "cve": "CVE-2023-48364",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2024-09314",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "id": "CVE-2023-48364",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Adjacent Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 6.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2023-48364",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2023-48364",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2023-48364",
            "trust": 1.0,
            "value": "High"
          },
          {
            "author": "NVD",
            "id": "CVE-2023-48364",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2024-09314",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-09314"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-027393"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-48364"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-48364"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in OpenPCS 7 V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions \u003c V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions \u003c V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions \u003c V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain malformed RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server. openpcs 7 , SIMATIC BATCH , SIMATIC PCS 7 For multiple Siemens products, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components. SIMATIC WinCC is a supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operator control and monitoring of machines and plants",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-48364"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-027393"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-09314"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-48364"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2023-48364",
        "trust": 3.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-753746",
        "trust": 2.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-24-046-12",
        "trust": 0.9
      },
      {
        "db": "JVN",
        "id": "JVNVU91198149",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU94620134",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-027393",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-09314",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-48364",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-09314"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-48364"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-027393"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-48364"
      }
    ]
  },
  "id": "VAR-202402-1389",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-09314"
      }
    ],
    "trust": 1.295444247142857
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-09314"
      }
    ]
  },
  "last_update_date": "2024-10-24T20:52:21.130000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Null pointer dereference vulnerability (CNVD-2024-09314) in multiple Siemens products",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/526516"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-09314"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-476",
        "trust": 1.0
      },
      {
        "problemtype": "NULL Pointer dereference (CWE-476) [ others ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-027393"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-48364"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-753746.html"
      },
      {
        "trust": 0.9,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-12"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/\u3010\u81ea\u52d5\uff1a\u8981jvnvu\u8ffd\u52a0\u3011\u30b7\u30fc\u30e1\u30f3\u30b9/"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu91198149/"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu94620134/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-48364"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-09314"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-48364"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-027393"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-48364"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-09314"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-48364"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-027393"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-48364"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-02-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-09314"
      },
      {
        "date": "2024-02-13T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-48364"
      },
      {
        "date": "2024-10-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-027393"
      },
      {
        "date": "2024-02-13T09:15:45.980000",
        "db": "NVD",
        "id": "CVE-2023-48364"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-02-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-09314"
      },
      {
        "date": "2024-02-13T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-48364"
      },
      {
        "date": "2024-10-21T06:57:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-027393"
      },
      {
        "date": "2024-10-18T17:26:22.937000",
        "db": "NVD",
        "id": "CVE-2023-48364"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "in multiple Siemens products \u00a0NULL\u00a0 Pointer dereference vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-027393"
      }
    ],
    "trust": 0.8
  }
}

var-201504-0235
Vulnerability from variot

Siemens SIMATIC HMI Basic Panels 2nd Generation before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Professional before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Basic Panels 1st Generation (WinCC TIA Portal), SIMATIC HMI Mobile Panel 277 (WinCC TIA Portal), SIMATIC HMI Multi Panels (WinCC TIA Portal), and SIMATIC WinCC 7.x before 7.3 Upd4 allow remote attackers to complete authentication by leveraging knowledge of a password hash without knowledge of the associated password. plural SIMATIC HMI Products and SIMATIC WinCC Contains a vulnerability that allows authentication to be completed.Even if there is no related password information, a third party may use the password hash to complete the authentication. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. Siemens SIMATIC and SIMATIC WinCC HMI Comfort Panels have verification bypass vulnerabilities that allow remote attackers to exploit vulnerabilities to bypass authentication. Multiple Siemens SIMATIC products are prone to an authentication-bypass vulnerability. This may aid in further attacks. The SIMATIC HMI Panel series, SIMATIC WinCC Runtime Advanced and Professional are all HMI software for operating and monitoring machines and plants. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. A remote attacker could exploit this vulnerability to authenticate using a known hashed password

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201504-0235",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 2.2,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 2.2,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 2.2,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 2.2,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "*"
      },
      {
        "model": "simatic hmi basic panels 2nd generation",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "(wincc 13 sp1 upd2"
      },
      {
        "model": "simatic hmi mobile panel 277",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "(wincc all versions )"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.3 upd4"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": ")"
      },
      {
        "model": "simatic hmi multi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "(wincc all versions )"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "(wincc 13 sp1 upd2"
      },
      {
        "model": "simatic hmi basic panels 1st generation",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "(wincc all versions )"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.x"
      },
      {
        "model": "simatic hmi basic panels 2nd generation",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": ")"
      },
      {
        "model": "simatic hmi basic panels generation",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1"
      },
      {
        "model": "simatic hmi basic panels generation",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "2"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi mobile panel",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "277"
      },
      {
        "model": "simatic hmi mobile panels",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "7.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "7.3"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "344280cb-0461-40fa-a3c6-537ff0ce4aff"
      },
      {
        "db": "IVD",
        "id": "9844de6a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02291"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002126"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-097"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-2823"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/h:siemens:simatic_hmi_basic_panels_generation_1",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:siemens:simatic_hmi_basic_panels_generation_2",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:siemens:simatic_hmi_comfort_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:siemens:simatic_hmi_mobile_panel_277",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:siemens:simatic_hmi_multi_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002126"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Quarkslab team and Ilya Karpov from Positive Technologies.",
    "sources": [
      {
        "db": "BID",
        "id": "74040"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-2823",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2015-2823",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2015-02291",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "344280cb-0461-40fa-a3c6-537ff0ce4aff",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "9844de6a-2351-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-80784",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2015-2823",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2015-2823",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2015-02291",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201504-097",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "344280cb-0461-40fa-a3c6-537ff0ce4aff",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "9844de6a-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-80784",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2015-2823",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "344280cb-0461-40fa-a3c6-537ff0ce4aff"
      },
      {
        "db": "IVD",
        "id": "9844de6a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02291"
      },
      {
        "db": "VULHUB",
        "id": "VHN-80784"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-2823"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002126"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-097"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-2823"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC HMI Basic Panels 2nd Generation before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Professional before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Basic Panels 1st Generation (WinCC TIA Portal), SIMATIC HMI Mobile Panel 277 (WinCC TIA Portal), SIMATIC HMI Multi Panels (WinCC TIA Portal), and SIMATIC WinCC 7.x before 7.3 Upd4 allow remote attackers to complete authentication by leveraging knowledge of a password hash without knowledge of the associated password. plural SIMATIC HMI Products and SIMATIC WinCC Contains a vulnerability that allows authentication to be completed.Even if there is no related password information, a third party may use the password hash to complete the authentication. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. Siemens SIMATIC and SIMATIC WinCC HMI Comfort Panels have verification bypass vulnerabilities that allow remote attackers to exploit vulnerabilities to bypass authentication. Multiple Siemens SIMATIC products are prone to an authentication-bypass vulnerability. This may aid in further attacks. The SIMATIC HMI Panel series, SIMATIC WinCC Runtime Advanced and Professional are all HMI software for operating and monitoring machines and plants. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. A remote attacker could exploit this vulnerability to authenticate using a known hashed password",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-2823"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002126"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02291"
      },
      {
        "db": "BID",
        "id": "74040"
      },
      {
        "db": "IVD",
        "id": "344280cb-0461-40fa-a3c6-537ff0ce4aff"
      },
      {
        "db": "IVD",
        "id": "9844de6a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-80784"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-2823"
      }
    ],
    "trust": 2.97
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-2823",
        "trust": 3.9
      },
      {
        "db": "BID",
        "id": "74040",
        "trust": 2.1
      },
      {
        "db": "SIEMENS",
        "id": "SSA-487246",
        "trust": 1.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-097",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02291",
        "trust": 1.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-15-099-01",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002126",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "344280CB-0461-40FA-A3C6-537FF0CE4AFF",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "9844DE6A-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-80784",
        "trust": 0.1
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-15-099-01E",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-2823",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "344280cb-0461-40fa-a3c6-537ff0ce4aff"
      },
      {
        "db": "IVD",
        "id": "9844de6a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02291"
      },
      {
        "db": "VULHUB",
        "id": "VHN-80784"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-2823"
      },
      {
        "db": "BID",
        "id": "74040"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002126"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-097"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-2823"
      }
    ]
  },
  "id": "VAR-201504-0235",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "344280cb-0461-40fa-a3c6-537ff0ce4aff"
      },
      {
        "db": "IVD",
        "id": "9844de6a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02291"
      },
      {
        "db": "VULHUB",
        "id": "VHN-80784"
      }
    ],
    "trust": 1.8226849
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "344280cb-0461-40fa-a3c6-537ff0ce4aff"
      },
      {
        "db": "IVD",
        "id": "9844de6a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02291"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:13:31.035000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-487246",
        "trust": 0.8,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf"
      },
      {
        "title": "Siemens SIMATIC and SIMATIC WinCC HMI Comfort Panels verify patches for bypassing vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/57127"
      },
      {
        "title": "The Register",
        "trust": 0.2,
        "url": "https://www.theregister.co.uk/2015/08/31/ruskie_ics_hacker_drops_nine_holes_in_popular_siemens_power_plant_kit/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02291"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-2823"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002126"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-287",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-80784"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002126"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-2823"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf"
      },
      {
        "trust": 1.4,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-2823"
      },
      {
        "trust": 1.3,
        "url": "http://www.securityfocus.com/bid/74040"
      },
      {
        "trust": 1.2,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2823"
      },
      {
        "trust": 0.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-15-099-01"
      },
      {
        "trust": 0.3,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/287.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.theregister.co.uk/2015/08/31/ruskie_ics_hacker_drops_nine_holes_in_popular_siemens_power_plant_kit/"
      },
      {
        "trust": 0.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-15-099-01e"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02291"
      },
      {
        "db": "VULHUB",
        "id": "VHN-80784"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-2823"
      },
      {
        "db": "BID",
        "id": "74040"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002126"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-097"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-2823"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "344280cb-0461-40fa-a3c6-537ff0ce4aff"
      },
      {
        "db": "IVD",
        "id": "9844de6a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02291"
      },
      {
        "db": "VULHUB",
        "id": "VHN-80784"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-2823"
      },
      {
        "db": "BID",
        "id": "74040"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002126"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-097"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-2823"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-04-10T00:00:00",
        "db": "IVD",
        "id": "344280cb-0461-40fa-a3c6-537ff0ce4aff"
      },
      {
        "date": "2015-04-10T00:00:00",
        "db": "IVD",
        "id": "9844de6a-2351-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2015-04-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-02291"
      },
      {
        "date": "2015-04-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-80784"
      },
      {
        "date": "2015-04-08T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-2823"
      },
      {
        "date": "2015-04-10T00:00:00",
        "db": "BID",
        "id": "74040"
      },
      {
        "date": "2015-04-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-002126"
      },
      {
        "date": "2015-04-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201504-097"
      },
      {
        "date": "2015-04-08T16:59:01.270000",
        "db": "NVD",
        "id": "CVE-2015-2823"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-04-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-02291"
      },
      {
        "date": "2016-11-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-80784"
      },
      {
        "date": "2016-11-28T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-2823"
      },
      {
        "date": "2015-11-03T19:21:00",
        "db": "BID",
        "id": "74040"
      },
      {
        "date": "2015-04-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-002126"
      },
      {
        "date": "2015-04-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201504-097"
      },
      {
        "date": "2024-11-21T02:28:09.547000",
        "db": "NVD",
        "id": "CVE-2015-2823"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-097"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  SIMATIC HMI Products and  SIMATIC WinCC Vulnerabilities that complete authentication",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002126"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-097"
      }
    ],
    "trust": 0.6
  }
}

var-202411-0543
Vulnerability from variot

A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All versions), SIMATIC S7-PLCSIM V17 (All versions), SIMATIC STEP 7 Safety V16 (All versions), SIMATIC STEP 7 Safety V17 (All versions < V17 Update 8), SIMATIC STEP 7 Safety V18 (All versions < V18 Update 5), SIMATIC STEP 7 V16 (All versions), SIMATIC STEP 7 V17 (All versions < V17 Update 8), SIMATIC STEP 7 V18 (All versions < V18 Update 5), SIMATIC WinCC Unified V16 (All versions), SIMATIC WinCC Unified V17 (All versions < V17 Update 8), SIMATIC WinCC Unified V18 (All versions < V18 Update 5), SIMATIC WinCC V16 (All versions), SIMATIC WinCC V17 (All versions < V17 Update 8), SIMATIC WinCC V18 (All versions < V18 Update 5), SIMOCODE ES V16 (All versions), SIMOCODE ES V17 (All versions < V17 Update 8), SIMOCODE ES V18 (All versions), SIMOTION SCOUT TIA V5.4 SP1 (All versions), SIMOTION SCOUT TIA V5.4 SP3 (All versions), SIMOTION SCOUT TIA V5.5 SP1 (All versions), SINAMICS Startdrive V16 (All versions), SINAMICS Startdrive V17 (All versions), SINAMICS Startdrive V18 (All versions), SIRIUS Safety ES V17 (All versions < V17 Update 8), SIRIUS Safety ES V18 (All versions), SIRIUS Soft Starter ES V17 (All versions < V17 Update 8), SIRIUS Soft Starter ES V18 (All versions), TIA Portal Cloud V16 (All versions), TIA Portal Cloud V17 (All versions < V4.6.0.1), TIA Portal Cloud V18 (All versions < V4.6.1.0). Affected products do not properly sanitize user-controllable input when parsing user settings. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. SIMATIC S7-PLCSIM simulates S7-1200, S7-1500 and some other PLC derivatives, shipped as part of SIMATIC STEP 7. SIMATIC step7 (TIA Portal) is an engineering software for configuring and programming SIMATIC controllers. simmocode ES is the core software package for simmocode pro configuration, commissioning, operation and diagnostics. SINAMICS Startdrive commissioning software is the engineering tool for integrating SINAMICS drives in TIA Portal. TIA Portal is a PC software that provides the full range of Siemens digital automation services from digital planning and integrated engineering to transparent operation. TIA Portal Cloud makes it possible to use the main package and main option package of TIA Portal in a virtualized environment

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202411-0543",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic s7-plcsim",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v17"
      },
      {
        "model": "simatic s7-plcsim",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v16"
      },
      {
        "model": "sirius safety es",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v18"
      },
      {
        "model": "sirius soft starter es",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v18"
      },
      {
        "model": "simatic step safety",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v16"
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v16"
      },
      {
        "model": "simatic wincc unified",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v16"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v16"
      },
      {
        "model": "simocode es",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v16"
      },
      {
        "model": "simotion scout tia sp1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v5.4"
      },
      {
        "model": "sinamics startdrive",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v16"
      },
      {
        "model": "tia portal cloud",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v16"
      },
      {
        "model": "sinamics startdrive",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v17"
      },
      {
        "model": "simotion scout tia sp3",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v5.4"
      },
      {
        "model": "simatic step safety update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v17\u003c178"
      },
      {
        "model": "simatic step update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v17\u003c178"
      },
      {
        "model": "simatic wincc unified update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v17\u003c178"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v17\u003c178"
      },
      {
        "model": "simocode es update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v17\u003c178"
      },
      {
        "model": "sirius safety es update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v17\u003c178"
      },
      {
        "model": "sirius soft starter es update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v17\u003c178"
      },
      {
        "model": "tia portal cloud",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v17\u003c4.6.0.1"
      },
      {
        "model": "simatic step safety update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v18\u003c185"
      },
      {
        "model": "simatic step update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v18\u003c185"
      },
      {
        "model": "simatic wincc unified update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v18\u003c185"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v18\u003c185"
      },
      {
        "model": "tia portal cloud",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v18\u003c4.6.1.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-45214"
      }
    ]
  },
  "cve": "CVE-2023-32736",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.1,
            "id": "CNVD-2024-45214",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "productcert@siemens.com",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.3,
            "id": "CVE-2023-32736",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2023-32736",
            "trust": 1.0,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2024-45214",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-45214"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-32736"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All versions), SIMATIC S7-PLCSIM V17 (All versions), SIMATIC STEP 7 Safety V16 (All versions), SIMATIC STEP 7 Safety V17 (All versions \u003c V17 Update 8), SIMATIC STEP 7 Safety V18 (All versions \u003c V18 Update 5), SIMATIC STEP 7 V16 (All versions), SIMATIC STEP 7 V17 (All versions \u003c V17 Update 8), SIMATIC STEP 7 V18 (All versions \u003c V18 Update 5), SIMATIC WinCC Unified V16 (All versions), SIMATIC WinCC Unified V17 (All versions \u003c V17 Update 8), SIMATIC WinCC Unified V18 (All versions \u003c V18 Update 5), SIMATIC WinCC V16 (All versions), SIMATIC WinCC V17 (All versions \u003c V17 Update 8), SIMATIC WinCC V18 (All versions \u003c V18 Update 5), SIMOCODE ES V16 (All versions), SIMOCODE ES V17 (All versions \u003c V17 Update 8), SIMOCODE ES V18 (All versions), SIMOTION SCOUT TIA V5.4 SP1 (All versions), SIMOTION SCOUT TIA V5.4 SP3 (All versions), SIMOTION SCOUT TIA V5.5 SP1 (All versions), SINAMICS Startdrive V16 (All versions), SINAMICS Startdrive V17 (All versions), SINAMICS Startdrive V18 (All versions), SIRIUS Safety ES V17 (All versions \u003c V17 Update 8), SIRIUS Safety ES V18 (All versions), SIRIUS Soft Starter ES V17 (All versions \u003c V17 Update 8), SIRIUS Soft Starter ES V18 (All versions), TIA Portal Cloud V16 (All versions), TIA Portal Cloud V17 (All versions \u003c V4.6.0.1), TIA Portal Cloud V18 (All versions \u003c V4.6.1.0). Affected products do not properly sanitize user-controllable input when parsing user settings. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. SIMATIC S7-PLCSIM simulates S7-1200, S7-1500 and some other PLC derivatives, shipped as part of SIMATIC STEP 7. SIMATIC step7 (TIA Portal) is an engineering software for configuring and programming SIMATIC controllers. simmocode ES is the core software package for simmocode pro configuration, commissioning, operation and diagnostics. SINAMICS Startdrive commissioning software is the engineering tool for integrating SINAMICS drives in TIA Portal. TIA Portal is a PC software that provides the full range of Siemens digital automation services from digital planning and integrated engineering to transparent operation. TIA Portal Cloud makes it possible to use the main package and main option package of TIA Portal in a virtualized environment",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-32736"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-45214"
      }
    ],
    "trust": 1.44
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "SIEMENS",
        "id": "SSA-871035",
        "trust": 1.6
      },
      {
        "db": "NVD",
        "id": "CVE-2023-32736",
        "trust": 1.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-45214",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-45214"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-32736"
      }
    ]
  },
  "id": "VAR-202411-0543",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-45214"
      }
    ],
    "trust": 1.345123768
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-45214"
      }
    ]
  },
  "last_update_date": "2024-11-29T23:09:56.296000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Deserialization vulnerabilities in multiple Siemens products",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/617326"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-45214"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-502",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-32736"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-871035.html"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-45214"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-32736"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-45214"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-32736"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-11-18T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-45214"
      },
      {
        "date": "2024-11-12T13:15:05.527000",
        "db": "NVD",
        "id": "CVE-2023-32736"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-11-18T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-45214"
      },
      {
        "date": "2024-11-12T13:55:21.227000",
        "db": "NVD",
        "id": "CVE-2023-32736"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Deserialization vulnerabilities in multiple Siemens products",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-45214"
      }
    ],
    "trust": 0.6
  }
}

var-201411-0460
Vulnerability from variot

The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC WinCC, SIMATIC PCS 7 and TIA Portal (Botu) are all industrial automation products of German Siemens (Siemens). SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC; TIA Portal is a software platform that can quickly develop and debug automation systems. WinCC server is an option for it, which can operate multiple operating systems and monitoring stations in the network connected to the automation system. There are security vulnerabilities in the WinCC server of several Siemens products

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201411-0460",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": null,
        "scope": "eq",
        "trust": 3.2,
        "vendor": "simatic wincc",
        "version": "7.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 1.6,
        "vendor": "simatic wincc",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 1.2,
        "vendor": "simatic tiaportal",
        "version": "13.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic tiaportal",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "simatic pcs7",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "simatic pcs7",
        "version": "8.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.3 update 2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.2 update 9"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.1 to  7.1 sp4"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.0 to  8.0 sp2"
      },
      {
        "model": "totally integrated automation portal",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.0 to  7.0 sp3"
      },
      {
        "model": "totally integrated automation portal",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "13 update 6"
      },
      {
        "model": "wincc 7.0-sp3",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "wincc (\u003cupdate",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.29)"
      },
      {
        "model": "wincc (\u003cupdate",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.32)"
      },
      {
        "model": "simatic pcs 7.1-sp4",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7"
      },
      {
        "model": "simatic pcs 8.0-sp2",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "78.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "simatic pcs7",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "simatic pcs 7",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "simatic wincc",
        "version": "7.3"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08594"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005645"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-501"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-8552"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_tiaportal",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005645"
      }
    ]
  },
  "cve": "CVE-2014-8552",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-8552",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-08594",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-76497",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-8552",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-8552",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-08594",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201411-501",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-76497",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08594"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76497"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005645"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-501"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-8552"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC WinCC, SIMATIC PCS 7 and TIA Portal (Botu) are all industrial automation products of German Siemens (Siemens). SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC; TIA Portal is a software platform that can quickly develop and debug automation systems. WinCC server is an option for it, which can operate multiple operating systems and monitoring stations in the network connected to the automation system. There are security vulnerabilities in the WinCC server of several Siemens products",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-8552"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005645"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08594"
      },
      {
        "db": "IVD",
        "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76497"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-8552",
        "trust": 3.5
      },
      {
        "db": "SIEMENS",
        "id": "SSA-134508",
        "trust": 2.3
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-501",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08594",
        "trust": 1.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-329-02",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005645",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "60068",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "B4BC03B6-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "633E044B-7ADF-4ADF-9CA1-7D68E531ED2F",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-76497",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08594"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76497"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005645"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-501"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-8552"
      }
    ]
  },
  "id": "VAR-201411-0460",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08594"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76497"
      }
    ],
    "trust": 1.7048571666666668
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08594"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:01:56.377000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-134508",
        "trust": 0.8,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC/PCS 7 directory traversal vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/52283"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-08594"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005645"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-76497"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005645"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-8552"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf"
      },
      {
        "trust": 1.4,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8552"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8552"
      },
      {
        "trust": 0.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-329-02"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/60068"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-08594"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76497"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005645"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-501"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-8552"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08594"
      },
      {
        "db": "VULHUB",
        "id": "VHN-76497"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005645"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-501"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-8552"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-12-01T00:00:00",
        "db": "IVD",
        "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2014-12-01T00:00:00",
        "db": "IVD",
        "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f"
      },
      {
        "date": "2014-12-01T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-08594"
      },
      {
        "date": "2014-11-26T00:00:00",
        "db": "VULHUB",
        "id": "VHN-76497"
      },
      {
        "date": "2014-11-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-005645"
      },
      {
        "date": "2014-11-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201411-501"
      },
      {
        "date": "2014-11-26T11:59:01.373000",
        "db": "NVD",
        "id": "CVE-2014-8552"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-12-01T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-08594"
      },
      {
        "date": "2014-11-26T00:00:00",
        "db": "VULHUB",
        "id": "VHN-76497"
      },
      {
        "date": "2014-11-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-005645"
      },
      {
        "date": "2014-11-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201411-501"
      },
      {
        "date": "2024-11-21T02:19:19.387000",
        "db": "NVD",
        "id": "CVE-2014-8552"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-501"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC/PCS 7 Directory Traversal Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "b4bc03b6-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "633e044b-7adf-4adf-9ca1-7d68e531ed2f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-08594"
      }
    ],
    "trust": 1.0
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201411-501"
      }
    ],
    "trust": 0.6
  }
}

var-201206-0072
Vulnerability from variot

The XPath functionality in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 does not properly handle special characters in parameters, which allows remote authenticated users to read or modify settings via a crafted URL, related to an "XML injection" attack. WinCC flexible is a human-machine interface for use in some machine or process applications. Siemens SIMATIC WinCC Flexible does not filter out specially crafted characters when parsing URL parameters. There is a security vulnerability in the implementation, and an attacker can use the vulnerability to read or write system settings. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible. The vulnerability is related to 'XML injection' attacks.

The vulnerability is caused due to an input sanitisation error within the DiagAgent web server and can be exploited to cause a buffer overflow and crash the DiagAgent.

Successful exploitation requires the DiagAgent web server to be enabled (disabled by default). ----------------------------------------------------------------------

Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch


TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA49341

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49341/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49341

RELEASE DATE: 2012-06-07

DISCUSS ADVISORY: http://secunia.com/advisories/49341/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/49341/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=49341

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: A weakness and some vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious users to disclose potentially sensitive information and system information and manipulate certain data and by malicious people to conduct spoofing and cross-site scripting attacks. This can be exploited to manipulate XPath queries by injecting arbitrary XPath code and e.g.

2) Certain input passed via a filename to two unspecified web applications is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences.

3) Certain input passed to two unspecified web applications is not properly sanitised before being returned to the user.

4) Certain input is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain.

The weakness and the vulnerabilities are reported in version 7.0 SP3.

SOLUTION: Apply "Update 2" (please see the vendor's advisory for details).

PROVIDED AND/OR DISCOVERED BY: 1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, and Andrey Medov, Positive Technologies. 4) Reported by the vendor.

ORIGINAL ADVISORY: Siemens: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf

ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201206-0072",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "wincc sp3",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "update 2"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.0 sp3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "7.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4c81518-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3212"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002659"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-085"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2596"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002659"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, Andrey Medov and Siemens",
    "sources": [
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-085"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2012-2596",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2012-2596",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "c4c81518-2353-11e6-abef-000c29c66e3d",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "VHN-55877",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2012-2596",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2012-2596",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201206-085",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "c4c81518-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-55877",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4c81518-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55877"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002659"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-085"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2596"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The XPath functionality in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 does not properly handle special characters in parameters, which allows remote authenticated users to read or modify settings via a crafted URL, related to an \"XML injection\" attack. WinCC flexible is a human-machine interface for use in some machine or process applications. Siemens SIMATIC WinCC Flexible does not filter out specially crafted characters when parsing URL parameters. There is a security vulnerability in the implementation, and an attacker can use the vulnerability to read or write system settings. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible. The vulnerability is related to \u0027XML injection\u0027 attacks. \n\nThe vulnerability is caused due to an input sanitisation error within\nthe DiagAgent web server and can be exploited to cause a buffer\noverflow and crash the DiagAgent. \n\nSuccessful exploitation requires the DiagAgent web server to be\nenabled (disabled by default). ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49341\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49341/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nRELEASE DATE:\n2012-06-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49341/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49341/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA weakness and some vulnerabilities have been reported in Siemens\nSIMATIC WinCC, which can be exploited by malicious users to disclose\npotentially sensitive information and system information and\nmanipulate certain data and by malicious people to conduct spoofing\nand cross-site scripting attacks. This can be exploited to manipulate XPath\nqueries by injecting arbitrary XPath code and e.g. \n\n2) Certain input passed via a filename to two unspecified web\napplications is not properly verified before being used to display\nfiles. This can be exploited to disclose the contents of arbitrary\nfiles via directory traversal sequences. \n\n3) Certain input passed to two unspecified web applications is not\nproperly sanitised before being returned to the user. \n\n4) Certain input is not properly verified before being used to\nredirect users. This can be exploited to redirect a user to an\narbitrary website e.g. when a user clicks a specially crafted link to\nthe affected script hosted on a trusted domain. \n\nThe weakness and the vulnerabilities are reported in version 7.0 SP3. \n\nSOLUTION:\nApply \"Update 2\" (please see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\n1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey\nScherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis\nBaranov, and Andrey Medov, Positive Technologies. \n4) Reported by the vendor. \n\nORIGINAL ADVISORY:\nSiemens:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf\n\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-2596"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002659"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3212"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "IVD",
        "id": "c4c81518-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55877"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      }
    ],
    "trust": 2.88
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-2596",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-158-01",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-223158",
        "trust": 1.9
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-085",
        "trust": 0.9
      },
      {
        "db": "BID",
        "id": "53837",
        "trust": 0.9
      },
      {
        "db": "SECUNIA",
        "id": "49341",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3212",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002659",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "19751",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "49359",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "C4C81518-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-55877",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "113374",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "113371",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4c81518-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3212"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55877"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002659"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-085"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2596"
      }
    ]
  },
  "id": "VAR-201206-0072",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "c4c81518-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3212"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55877"
      }
    ],
    "trust": 1.6009954333333334
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4c81518-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3212"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:02:40.554000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-223158: Multiple Vulnerabilities in WinCC 7.0 SP3",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens WinCC Vulnerability (CNVD-2012-3212)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/18132"
      },
      {
        "title": "Update 2 for WinCC V7.0 SP3 und WinCC V7.0 SP3 ASIA",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43310"
      },
      {
        "title": "Update 2 for WinCC V7.0 SP3 und WinCC V7.0 SP3 ASIA",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43309"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3212"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002659"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-085"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-94",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-55877"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002659"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2596"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.6,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-158-01.pdf"
      },
      {
        "trust": 1.9,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2596"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2596"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/49341"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/53837"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/19751"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/pages/default.aspx"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/psi_30_beta_launch"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49359/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49359/#comments"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49359"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49341/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49341/#comments"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3212"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55877"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002659"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-085"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2596"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "c4c81518-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3212"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55877"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002659"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-085"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2596"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-06-19T00:00:00",
        "db": "IVD",
        "id": "c4c81518-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-06-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-3212"
      },
      {
        "date": "2012-06-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-55877"
      },
      {
        "date": "2012-06-06T00:00:00",
        "db": "BID",
        "id": "53837"
      },
      {
        "date": "2012-06-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-002659"
      },
      {
        "date": "2012-06-08T07:05:53",
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "date": "2012-06-08T07:05:43",
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "date": "2012-06-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201206-085"
      },
      {
        "date": "2012-06-08T18:55:02.220000",
        "db": "NVD",
        "id": "CVE-2012-2596"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-06-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-3212"
      },
      {
        "date": "2012-06-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-55877"
      },
      {
        "date": "2012-06-06T00:00:00",
        "db": "BID",
        "id": "53837"
      },
      {
        "date": "2012-06-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-002659"
      },
      {
        "date": "2012-06-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201206-085"
      },
      {
        "date": "2024-11-21T01:39:17.103000",
        "db": "NVD",
        "id": "CVE-2012-2596"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-085"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens WinCC of  Web Application  XPath Vulnerability to read settings in function",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002659"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Code injection",
    "sources": [
      {
        "db": "IVD",
        "id": "c4c81518-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-085"
      }
    ],
    "trust": 0.8
  }
}

var-201502-0370
Vulnerability from variot

The remote-management module in the (1) Multi Panels, (2) Comfort Panels, and (3) RT Advanced functionality in Siemens SIMATIC WinCC (TIA Portal) before 13 SP1 and in the (4) panels and (5) runtime functionality in SIMATIC WinCC flexible before 2008 SP3 Up7 does not properly encrypt credentials in transit, which makes it easier for remote attackers to determine cleartext credentials by sniffing the network and conducting a decryption attack. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. An information disclosure vulnerability exists in Siemens SIMATIC WinCC V13 SP1 that could allow an attacker to obtain sensitive information through man-in-the-middle attacks. Versions prior to Siemens SIMATIC WinCC TIA Portal V13 SP1 are vulnerable. The vulnerability stems from the fact that the program does not properly encrypt the certificate in transmission. A remote attacker could exploit this vulnerability by sniffing the network and performing a decryption attack to obtain clear text certificates

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201502-0370",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "13 sp1"
      },
      {
        "model": "simatic wincc tia portal sp1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "13.0"
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc flexible sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "simatic wincc flexible sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346"
      },
      {
        "db": "IVD",
        "id": "a11e037c-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-01296"
      },
      {
        "db": "BID",
        "id": "72625"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001537"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-420"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-1358"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001537"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Gleb Gritsai, Roman Ilin, Aleksandr Tlyapov, and Sergey Gordeychik.",
    "sources": [
      {
        "db": "BID",
        "id": "72625"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-1358",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2015-1358",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2015-01296",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "a11e037c-2351-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-79319",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2015-1358",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2015-1358",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2015-01296",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201502-420",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "a11e037c-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-79319",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346"
      },
      {
        "db": "IVD",
        "id": "a11e037c-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-01296"
      },
      {
        "db": "VULHUB",
        "id": "VHN-79319"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001537"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-420"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-1358"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The remote-management module in the (1) Multi Panels, (2) Comfort Panels, and (3) RT Advanced functionality in Siemens SIMATIC WinCC (TIA Portal) before 13 SP1 and in the (4) panels and (5) runtime functionality in SIMATIC WinCC flexible before 2008 SP3 Up7 does not properly encrypt credentials in transit, which makes it easier for remote attackers to determine cleartext credentials by sniffing the network and conducting a decryption attack. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. An information disclosure vulnerability exists in Siemens SIMATIC WinCC V13 SP1 that could allow an attacker to obtain sensitive information through man-in-the-middle attacks. \nVersions prior to Siemens SIMATIC WinCC TIA Portal V13 SP1 are vulnerable. The vulnerability stems from the fact that the program does not properly encrypt the certificate in transmission. A remote attacker could exploit this vulnerability by sniffing the network and performing a decryption attack to obtain clear text certificates",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-1358"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001537"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-01296"
      },
      {
        "db": "BID",
        "id": "72625"
      },
      {
        "db": "IVD",
        "id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346"
      },
      {
        "db": "IVD",
        "id": "a11e037c-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-79319"
      }
    ],
    "trust": 2.88
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-1358",
        "trust": 3.9
      },
      {
        "db": "SIEMENS",
        "id": "SSA-543623",
        "trust": 2.3
      },
      {
        "db": "BID",
        "id": "72625",
        "trust": 2.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-16-161-02",
        "trust": 1.9
      },
      {
        "db": "SIEMENS",
        "id": "SSA-526760",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-420",
        "trust": 1.1
      },
      {
        "db": "SECTRACK",
        "id": "1036090",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-01296",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001537",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "6C5F6EE2-C09B-4C78-A362-83203BBFE346",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "A11E037C-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-79319",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "130406",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346"
      },
      {
        "db": "IVD",
        "id": "a11e037c-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-01296"
      },
      {
        "db": "VULHUB",
        "id": "VHN-79319"
      },
      {
        "db": "BID",
        "id": "72625"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001537"
      },
      {
        "db": "PACKETSTORM",
        "id": "130406"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-420"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-1358"
      }
    ]
  },
  "id": "VAR-201502-0370",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346"
      },
      {
        "db": "IVD",
        "id": "a11e037c-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-01296"
      },
      {
        "db": "VULHUB",
        "id": "VHN-79319"
      }
    ],
    "trust": 1.7615187142857143
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346"
      },
      {
        "db": "IVD",
        "id": "a11e037c-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-01296"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:31:17.513000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-543623",
        "trust": 0.8,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-543623.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC TIA Portal Man-in-the-Middle Information Disclosure Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/55531"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-01296"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001537"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-310",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-79319"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001537"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-1358"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-543623.pdf"
      },
      {
        "trust": 1.9,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-161-02"
      },
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-526760.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/72625"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1036090"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-1358"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-1358"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1358"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4686"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-01296"
      },
      {
        "db": "VULHUB",
        "id": "VHN-79319"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001537"
      },
      {
        "db": "PACKETSTORM",
        "id": "130406"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-420"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-1358"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346"
      },
      {
        "db": "IVD",
        "id": "a11e037c-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-01296"
      },
      {
        "db": "VULHUB",
        "id": "VHN-79319"
      },
      {
        "db": "BID",
        "id": "72625"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001537"
      },
      {
        "db": "PACKETSTORM",
        "id": "130406"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-420"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-1358"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-02-27T00:00:00",
        "db": "IVD",
        "id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346"
      },
      {
        "date": "2015-02-27T00:00:00",
        "db": "IVD",
        "id": "a11e037c-2351-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2015-02-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-01296"
      },
      {
        "date": "2015-02-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-79319"
      },
      {
        "date": "2015-02-13T00:00:00",
        "db": "BID",
        "id": "72625"
      },
      {
        "date": "2015-02-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-001537"
      },
      {
        "date": "2015-02-16T17:36:59",
        "db": "PACKETSTORM",
        "id": "130406"
      },
      {
        "date": "2015-02-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201502-420"
      },
      {
        "date": "2015-02-18T02:59:07.813000",
        "db": "NVD",
        "id": "CVE-2015-1358"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-06-12T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-01296"
      },
      {
        "date": "2016-11-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-79319"
      },
      {
        "date": "2016-07-06T14:57:00",
        "db": "BID",
        "id": "72625"
      },
      {
        "date": "2016-06-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-001537"
      },
      {
        "date": "2015-02-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201502-420"
      },
      {
        "date": "2024-11-21T02:25:14.990000",
        "db": "NVD",
        "id": "CVE-2015-1358"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "130406"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-420"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC TIA Portal Man-in-the-middle information disclosure vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "6c5f6ee2-c09b-4c78-a362-83203bbfe346"
      },
      {
        "db": "IVD",
        "id": "a11e037c-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-01296"
      }
    ],
    "trust": 1.0
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "encryption problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-420"
      }
    ],
    "trust": 0.6
  }
}

var-201306-0316
Vulnerability from variot

The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, exhibits different behavior for NetBIOS user names depending on whether the user account exists, which allows remote authenticated users to enumerate account names via crafted URL parameters. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC And PCS 7 are prone to a username-enumeration weakness because of a design error in the application when verifying user-supplied input. Attackers may exploit this weakness to discern valid usernames. This may aid brute-force password cracking or other attacks. There is a vulnerability in the Web Navigator in Siemens WinCC 7.2 Update 1 and earlier versions used in SIMATIC PCS7 8.0 SP1 and earlier versions and other products

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201306-0316",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.0 sp1"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.2 update 1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.x"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "78.x"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e694e1ea-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07608"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002984"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-249"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3959"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002984"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Alexander Tlyapov from Positive Technologies",
    "sources": [
      {
        "db": "BID",
        "id": "60559"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2013-3959",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2013-3959",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CNVD-2013-07608",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "e694e1ea-2352-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "VHN-63961",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-3959",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-3959",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-07608",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201306-249",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "e694e1ea-2352-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-63961",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e694e1ea-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07608"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63961"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002984"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-249"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3959"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, exhibits different behavior for NetBIOS user names depending on whether the user account exists, which allows remote authenticated users to enumerate account names via crafted URL parameters. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC And PCS 7 are prone to a username-enumeration weakness because of a design error in the application when verifying user-supplied input. \nAttackers may exploit this weakness to discern valid usernames. This may aid brute-force password cracking or other attacks. There is a vulnerability in the Web Navigator in Siemens WinCC 7.2 Update 1 and earlier versions used in SIMATIC PCS7 8.0 SP1 and earlier versions and other products",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-3959"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002984"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07608"
      },
      {
        "db": "BID",
        "id": "60559"
      },
      {
        "db": "IVD",
        "id": "e694e1ea-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63961"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-3959",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-345843",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "53805",
        "trust": 1.2
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-13-169-02",
        "trust": 1.1
      },
      {
        "db": "BID",
        "id": "60559",
        "trust": 1.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-249",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07608",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002984",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "E694E1EA-2352-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-63961",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e694e1ea-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07608"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63961"
      },
      {
        "db": "BID",
        "id": "60559"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002984"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-249"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3959"
      }
    ]
  },
  "id": "VAR-201306-0316",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e694e1ea-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07608"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63961"
      }
    ],
    "trust": 1.5048571666666666
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e694e1ea-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07608"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:45:40.099000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-345843: Vulnerabilites in WinCC 7.2",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345843.pdf"
      },
      {
        "title": "Siemens SIMATIC WinCC/PCS 7 User Name Enumeration Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/34668"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-07608"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002984"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63961"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002984"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3959"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345843.pdf"
      },
      {
        "trust": 1.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-13-169-02"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3959"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3959"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/53805/"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/53805"
      },
      {
        "trust": 0.3,
        "url": "http://www.siemens.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-07608"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63961"
      },
      {
        "db": "BID",
        "id": "60559"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002984"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-249"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3959"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e694e1ea-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07608"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63961"
      },
      {
        "db": "BID",
        "id": "60559"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002984"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-249"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3959"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-06-19T00:00:00",
        "db": "IVD",
        "id": "e694e1ea-2352-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-06-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-07608"
      },
      {
        "date": "2013-06-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-63961"
      },
      {
        "date": "2013-06-14T00:00:00",
        "db": "BID",
        "id": "60559"
      },
      {
        "date": "2013-06-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-002984"
      },
      {
        "date": "2013-06-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201306-249"
      },
      {
        "date": "2013-06-14T19:55:01.270000",
        "db": "NVD",
        "id": "CVE-2013-3959"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-06-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-07608"
      },
      {
        "date": "2013-06-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-63961"
      },
      {
        "date": "2015-03-19T09:11:00",
        "db": "BID",
        "id": "60559"
      },
      {
        "date": "2013-06-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-002984"
      },
      {
        "date": "2013-06-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201306-249"
      },
      {
        "date": "2024-11-21T01:54:37.447000",
        "db": "NVD",
        "id": "CVE-2013-3959"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-249"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC/PCS 7 User Name Enumeration Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "e694e1ea-2352-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-07608"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201306-249"
      }
    ],
    "trust": 0.6
  }
}

var-202111-0484
Vulnerability from variot

A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). Legitimate file operations on the web server of the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read, write or delete unexpected critical files. SIMATIC PCS 7 and SIMATIC WinCC Exists in a past traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202111-0484",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "17"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014830"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40358"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Thomas Riedmaier from Siemens Energy reported these vulnerabilities to Siemens.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-777"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-40358",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2021-40358",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-401715",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-40358",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "productcert@siemens.com",
            "availabilityImpact": "HIGH",
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.1,
            "id": "CVE-2021-40358",
            "impactScore": 6.0,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2021-40358",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-40358",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2021-40358",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-40358",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202111-777",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-401715",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-40358",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-401715"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-40358"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014830"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-777"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40358"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40358"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions \u003c V15 SP1 Update 7), SIMATIC WinCC V16 (All versions \u003c V16 Update 5), SIMATIC WinCC V17 (All versions \u003c V17 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 5). Legitimate file operations on the web server of the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read, write or delete unexpected critical files. SIMATIC PCS 7 and SIMATIC WinCC Exists in a past traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-40358"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014830"
      },
      {
        "db": "VULHUB",
        "id": "VHN-401715"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-40358"
      }
    ],
    "trust": 1.8
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-40358",
        "trust": 3.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-840188",
        "trust": 1.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-315-03",
        "trust": 1.5
      },
      {
        "db": "JVN",
        "id": "JVNVU95671889",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014830",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3874",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-777",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-401715",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-40358",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-401715"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-40358"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014830"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-777"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40358"
      }
    ]
  },
  "id": "VAR-202111-0484",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-401715"
      }
    ],
    "trust": 0.7286399
  },
  "last_update_date": "2024-11-23T19:53:32.316000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-840188",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf"
      },
      {
        "title": "Siemens SIMATIC PCS 7  and SIMATIC WinCC Repair measures for path traversal vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=169659"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=3a61c08d20a7380576ecaddca7385945"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/Live-Hack-CVE/CVE-2021-40358 "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-40358"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014830"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-777"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.1
      },
      {
        "problemtype": "Path traversal (CWE-22) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-401715"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014830"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40358"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf"
      },
      {
        "trust": 0.9,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-03"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu95671889/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40358"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-multiple-vulnerabilities-via-wincc-36835"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3874"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-03"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/22.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2021-40358"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-401715"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-40358"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014830"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-777"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40358"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-401715"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-40358"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014830"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-777"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40358"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-11-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-401715"
      },
      {
        "date": "2021-11-09T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-40358"
      },
      {
        "date": "2022-10-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-014830"
      },
      {
        "date": "2021-11-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202111-777"
      },
      {
        "date": "2021-11-09T12:15:09.930000",
        "db": "NVD",
        "id": "CVE-2021-40358"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-10-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-401715"
      },
      {
        "date": "2022-10-19T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-40358"
      },
      {
        "date": "2022-10-28T06:57:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-014830"
      },
      {
        "date": "2023-04-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202111-777"
      },
      {
        "date": "2024-11-21T06:23:56.737000",
        "db": "NVD",
        "id": "CVE-2021-40358"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-777"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SIMATIC\u00a0PCS\u00a07\u00a0 and \u00a0SIMATIC\u00a0WinCC\u00a0 Past traversal vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014830"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "path traversal",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-777"
      }
    ],
    "trust": 0.6
  }
}

var-201407-0603
Vulnerability from variot

The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a (1) HTTP or (2) HTTPS request. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A remote privilege elevation vulnerability exists in Siemens SIMATIC WinCC And PCS7 that can be exploited by remote attackers to gain elevated privileges on affected devices. Siemens SIMATIC WinCC and PCS7 are prone to a remote privilege-escalation vulnerability. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. There is a security hole in the WebNavigator server used by Siemens SIMATIC WinCC versions prior to 7.3 for PCS7 and other products

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201407-0603",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": null,
        "scope": "eq",
        "trust": 2.4,
        "vendor": "wincc",
        "version": "6.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 2.4,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "6.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 1.2,
        "vendor": "wincc",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 1.2,
        "vendor": "wincc",
        "version": "7.1"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic pcs7",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic pcs7",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic pcs7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc",
        "version": "*"
      },
      {
        "model": "pcs7",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "6.2"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2d78202-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
      },
      {
        "db": "IVD",
        "id": "7d71e153-463f-11e9-be10-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04644"
      },
      {
        "db": "BID",
        "id": "68879"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003566"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-603"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4683"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003566"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai from Positive Technologies.",
    "sources": [
      {
        "db": "BID",
        "id": "68879"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2014-4683",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.8,
            "id": "CVE-2014-4683",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.8,
            "id": "CNVD-2014-04644",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.8,
            "id": "e2d78202-2351-11e6-abef-000c29c66e3d",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.8,
            "id": "c0a709a9-648b-4fbc-869e-37cd7064012b",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.8,
            "id": "7d71e153-463f-11e9-be10-000c29342cb1",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.8,
            "id": "VHN-72624",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:S/C:P/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-4683",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-4683",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-04644",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201407-603",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "e2d78202-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "c0a709a9-648b-4fbc-869e-37cd7064012b",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "7d71e153-463f-11e9-be10-000c29342cb1",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-72624",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2d78202-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
      },
      {
        "db": "IVD",
        "id": "7d71e153-463f-11e9-be10-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04644"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72624"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003566"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-603"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4683"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a (1) HTTP or (2) HTTPS request. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A remote privilege elevation vulnerability exists in Siemens SIMATIC WinCC And PCS7 that can be exploited by remote attackers to gain elevated privileges on affected devices. Siemens SIMATIC WinCC and PCS7 are prone to a remote privilege-escalation vulnerability. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. There is a security hole in the WebNavigator server used by Siemens SIMATIC WinCC versions prior to 7.3 for PCS7 and other products",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-4683"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003566"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04644"
      },
      {
        "db": "BID",
        "id": "68879"
      },
      {
        "db": "IVD",
        "id": "e2d78202-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
      },
      {
        "db": "IVD",
        "id": "7d71e153-463f-11e9-be10-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72624"
      }
    ],
    "trust": 3.06
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-4683",
        "trust": 4.1
      },
      {
        "db": "SIEMENS",
        "id": "SSA-214365",
        "trust": 2.3
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-603",
        "trust": 1.3
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04644",
        "trust": 1.2
      },
      {
        "db": "BID",
        "id": "68879",
        "trust": 1.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-205-02",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003566",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "60392",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "60388",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "E2D78202-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "C0A709A9-648B-4FBC-869E-37CD7064012B",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "7D71E153-463F-11E9-BE10-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-72624",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "127660",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2d78202-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
      },
      {
        "db": "IVD",
        "id": "7d71e153-463f-11e9-be10-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04644"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72624"
      },
      {
        "db": "BID",
        "id": "68879"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003566"
      },
      {
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-603"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4683"
      }
    ]
  },
  "id": "VAR-201407-0603",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2d78202-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
      },
      {
        "db": "IVD",
        "id": "7d71e153-463f-11e9-be10-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04644"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72624"
      }
    ],
    "trust": 2.003642875
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2d78202-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
      },
      {
        "db": "IVD",
        "id": "7d71e153-463f-11e9-be10-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04644"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:31:17.673000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-214365",
        "trust": 0.8,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC Multiple Products Remote Privilege Escalation Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/47899"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-04644"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003566"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-72624"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003566"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4683"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf"
      },
      {
        "trust": 1.4,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4683"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4683"
      },
      {
        "trust": 0.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-205-02"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/68879/info"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/60388"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/60392"
      },
      {
        "trust": 0.3,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.3,
        "url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4684"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4683"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4685"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4686"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4682"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-04644"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72624"
      },
      {
        "db": "BID",
        "id": "68879"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003566"
      },
      {
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-603"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4683"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e2d78202-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
      },
      {
        "db": "IVD",
        "id": "7d71e153-463f-11e9-be10-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04644"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72624"
      },
      {
        "db": "BID",
        "id": "68879"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003566"
      },
      {
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-603"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4683"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-07-28T00:00:00",
        "db": "IVD",
        "id": "e2d78202-2351-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2014-07-28T00:00:00",
        "db": "IVD",
        "id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
      },
      {
        "date": "2014-07-28T00:00:00",
        "db": "IVD",
        "id": "7d71e153-463f-11e9-be10-000c29342cb1"
      },
      {
        "date": "2014-07-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04644"
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-72624"
      },
      {
        "date": "2014-07-23T00:00:00",
        "db": "BID",
        "id": "68879"
      },
      {
        "date": "2014-07-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003566"
      },
      {
        "date": "2014-07-29T22:37:22",
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "date": "2014-07-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-603"
      },
      {
        "date": "2014-07-24T14:55:08.050000",
        "db": "NVD",
        "id": "CVE-2014-4683"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-07-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04644"
      },
      {
        "date": "2014-07-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-72624"
      },
      {
        "date": "2015-03-19T09:40:00",
        "db": "BID",
        "id": "68879"
      },
      {
        "date": "2014-08-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003566"
      },
      {
        "date": "2014-07-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-603"
      },
      {
        "date": "2024-11-21T02:10:41.813000",
        "db": "NVD",
        "id": "CVE-2014-4683"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-603"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC PCS 7 Used in products such as  SIMATIC WinCC of  WebNavigator Vulnerability that can be obtained privilege in the server",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003566"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Permission permission and access control",
    "sources": [
      {
        "db": "IVD",
        "id": "e2d78202-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "c0a709a9-648b-4fbc-869e-37cd7064012b"
      },
      {
        "db": "IVD",
        "id": "7d71e153-463f-11e9-be10-000c29342cb1"
      }
    ],
    "trust": 0.6
  }
}

var-201910-1743
Vulnerability from variot

Siemens SIMATIC is an automation software with a single engineering environment. WinCC supports the discovery and configuration of LAN device information using the PN-DCP protocol at the Ethernet layer.

There is a null pointer vulnerability in the Siemens SIMATIC WinCC CCRedCodiAlarm control. An attacker could exploit the vulnerability to cause a denial of service

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201910-1743",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "siemens",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "fb1e53dd-6714-45f0-bbeb-1291ed06bf7d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36481"
      }
    ]
  },
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2019-36481",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "fb1e53dd-6714-45f0-bbeb-1291ed06bf7d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "CNVD",
            "id": "CNVD-2019-36481",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "fb1e53dd-6714-45f0-bbeb-1291ed06bf7d",
            "trust": 0.2,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "fb1e53dd-6714-45f0-bbeb-1291ed06bf7d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36481"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC is an automation software with a single engineering environment. WinCC supports the discovery and configuration of LAN device information using the PN-DCP protocol at the Ethernet layer. \n\r\n\r\nThere is a null pointer vulnerability in the Siemens SIMATIC WinCC CCRedCodiAlarm control. An attacker could exploit the vulnerability to cause a denial of service",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36481"
      },
      {
        "db": "IVD",
        "id": "fb1e53dd-6714-45f0-bbeb-1291ed06bf7d"
      }
    ],
    "trust": 0.72
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36481",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "FB1E53DD-6714-45F0-BBEB-1291ED06BF7D",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "fb1e53dd-6714-45f0-bbeb-1291ed06bf7d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36481"
      }
    ]
  },
  "id": "VAR-201910-1743",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "fb1e53dd-6714-45f0-bbeb-1291ed06bf7d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36481"
      }
    ],
    "trust": 1.40849285
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "fb1e53dd-6714-45f0-bbeb-1291ed06bf7d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36481"
      }
    ]
  },
  "last_update_date": "2022-05-17T02:07:02.921000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Binary vulnerability exists in CCRedCodiAlarm control _ProcessData function of SIMATIC WinCC",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/180595"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36481"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "fb1e53dd-6714-45f0-bbeb-1291ed06bf7d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36481"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-22T00:00:00",
        "db": "IVD",
        "id": "fb1e53dd-6714-45f0-bbeb-1291ed06bf7d"
      },
      {
        "date": "2019-10-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-36481"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-01-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-36481"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC CCRedCodiAlarm Control has null pointer vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "fb1e53dd-6714-45f0-bbeb-1291ed06bf7d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36481"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Handling logic errors",
    "sources": [
      {
        "db": "IVD",
        "id": "fb1e53dd-6714-45f0-bbeb-1291ed06bf7d"
      }
    ],
    "trust": 0.2
  }
}

var-202111-0482
Vulnerability from variot

A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). The affected systems store sensitive information in log files. An attacker with access to the log files could publicly expose the information or reuse it to develop further attacks on the system. SIMATIC PCS 7 and SIMATIC WinCC Contains a vulnerability related to information leakage from log files.Information may be obtained

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202111-0482",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic pcs 7",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "17"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014828"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40364"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Thomas Riedmaier from Siemens Energy reported these vulnerabilities to Siemens.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-780"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-40364",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-40364",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-401721",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2021-40364",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2021-40364",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-40364",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2021-40364",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-40364",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202111-780",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-401721",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-401721"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014828"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-780"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40364"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40364"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions \u003c V15 SP1 Update 7), SIMATIC WinCC V16 (All versions \u003c V16 Update 5), SIMATIC WinCC V17 (All versions \u003c V17 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 5). The affected systems store sensitive information in log files. An attacker with access to the log files could publicly expose the information or reuse it to develop further attacks on the system. SIMATIC PCS 7 and SIMATIC WinCC Contains a vulnerability related to information leakage from log files.Information may be obtained",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-40364"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014828"
      },
      {
        "db": "VULHUB",
        "id": "VHN-401721"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-40364",
        "trust": 3.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-840188",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014828",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3874",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-315-03",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-780",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-401721",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-401721"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014828"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-780"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40364"
      }
    ]
  },
  "id": "VAR-202111-0482",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-401721"
      }
    ],
    "trust": 0.7286399
  },
  "last_update_date": "2024-11-23T21:02:29.281000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-840188",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf"
      },
      {
        "title": "Siemens SIMATIC PCS 7  and SIMATIC WinCC Repair measures for log information disclosure vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=169661"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014828"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-780"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-532",
        "trust": 1.1
      },
      {
        "problemtype": "Information leakage from log files (CWE-532) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-401721"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014828"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40364"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40364"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-multiple-vulnerabilities-via-wincc-36835"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3874"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-03"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-401721"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014828"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-780"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40364"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-401721"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014828"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-780"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40364"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-11-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-401721"
      },
      {
        "date": "2022-10-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-014828"
      },
      {
        "date": "2021-11-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202111-780"
      },
      {
        "date": "2021-11-09T12:15:10.070000",
        "db": "NVD",
        "id": "CVE-2021-40364"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-07-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-401721"
      },
      {
        "date": "2022-10-28T06:51:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-014828"
      },
      {
        "date": "2022-08-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202111-780"
      },
      {
        "date": "2024-11-21T06:23:57.400000",
        "db": "NVD",
        "id": "CVE-2021-40364"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-780"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SIMATIC\u00a0PCS\u00a07\u00a0 and \u00a0SIMATIC\u00a0WinCC\u00a0 Vulnerability regarding information leakage from log files in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014828"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "log information leak",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-780"
      }
    ],
    "trust": 0.6
  }
}

var-201708-0476
Vulnerability from variot

An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker. Siemens industrial products are based on the OPC UAP protocol based on OPC to discover and configure LAN device information.

The Siemens OPC UA protocol has an XML external entity vulnerability. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions. Siemens SIMATIC PCS and so on are all products of German Siemens (Siemens). Siemens SIMATIC PCS is a process control system. SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201708-0476",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "local discovery server",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ocpfoundation",
        "version": "1.01.333.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "ua .net",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "ocpfoundation",
        "version": "2017-03-21"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "78.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "78.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "local discovery server",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "opc",
        "version": "1.03.367"
      },
      {
        "model": "ua .net",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "opc",
        "version": "2017-03-21"
      },
      {
        "model": "simatic it production suite",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic net pc software",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic it production suite all",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic net pc-software",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003c=7.1"
      },
      {
        "model": "simatic wincc sp1",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.4"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic wincc runtime professional sp1",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v14"
      },
      {
        "model": "local discovery server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ocpfoundation",
        "version": "1.01.333.0"
      },
      {
        "model": "ua .net",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ocpfoundation",
        "version": "2017-03-21"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "77.1"
      },
      {
        "model": "simatic net pc-software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic net pc-software sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic net pc-software hf1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic net pc-software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic net pc-software sp2 hf3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "model": "simatic net pc-software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "model": "simatic it production suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "plant connectivity",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sap",
        "version": "15.0"
      },
      {
        "model": "simatic wincc runtime professional sp1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc sp1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "local discovery server",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ua net",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-24363"
      },
      {
        "db": "BID",
        "id": "100559"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008019"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1273"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12069"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:opcfoundation:local_discovery_server",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:opcfoundation:ua_.net",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_it_production_suite",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008019"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sergey Temnikov of Kaspersky Lab.",
    "sources": [
      {
        "db": "BID",
        "id": "100559"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-12069",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2017-12069",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-24363",
            "impactScore": 7.8,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb",
            "impactScore": 7.8,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-102554",
            "impactScore": 4.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-12069",
            "impactScore": 4.2,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-12069",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-12069",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-24363",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201708-1273",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-102554",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2017-12069",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-24363"
      },
      {
        "db": "VULHUB",
        "id": "VHN-102554"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-12069"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008019"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1273"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12069"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions \u003c V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions \u003c V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker. Siemens industrial products are based on the OPC UAP protocol based on OPC to discover and configure LAN device information. \n\nThe Siemens OPC UA protocol has an XML external entity vulnerability. \nAttackers can exploit this  issue to gain access to sensitive information or cause denial-of-service conditions. Siemens SIMATIC PCS and so on are all products of German Siemens (Siemens). Siemens SIMATIC PCS is a process control system. SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-12069"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008019"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-24363"
      },
      {
        "db": "BID",
        "id": "100559"
      },
      {
        "db": "IVD",
        "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb"
      },
      {
        "db": "VULHUB",
        "id": "VHN-102554"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-12069"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-12069",
        "trust": 3.7
      },
      {
        "db": "SIEMENS",
        "id": "SSA-535640",
        "trust": 1.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-243-01",
        "trust": 1.6
      },
      {
        "db": "BID",
        "id": "100559",
        "trust": 1.5
      },
      {
        "db": "SECTRACK",
        "id": "1039510",
        "trust": 1.2
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1273",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-24363",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-243-01B",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008019",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "E3C681F4-90BE-4763-9EA0-9BF8B55433BB",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-102554",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-12069",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-24363"
      },
      {
        "db": "VULHUB",
        "id": "VHN-102554"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-12069"
      },
      {
        "db": "BID",
        "id": "100559"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008019"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1273"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12069"
      }
    ]
  },
  "id": "VAR-201708-0476",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-24363"
      },
      {
        "db": "VULHUB",
        "id": "VHN-102554"
      }
    ],
    "trust": 1.5183507387500002
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-24363"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:40:46.820000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Security Update for the OPC UA .NET Sample Code",
        "trust": 0.8,
        "url": "https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf"
      },
      {
        "title": "SSA-535640",
        "trust": 0.8,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf"
      },
      {
        "title": "Patch for Siemens OPC UA Protocol XML External Entity Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/176381"
      },
      {
        "title": "Multiple Siemens product OPC Foundation UA .NET Sample Code  and Local Discovery Server Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74833"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=0561e5e7e515f186e8a5589cf02f38a8"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-24363"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-12069"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008019"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1273"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-611",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-102554"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008019"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12069"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf"
      },
      {
        "trust": 1.5,
        "url": "https://opcfoundation-onlineapplications.org/faq/securitybulletins/opc_foundation_security_bulletin_cve-2017-12069.pdf"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/bid/100559"
      },
      {
        "trust": 1.2,
        "url": "http://www.securitytracker.com/id/1039510"
      },
      {
        "trust": 0.9,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-243-01"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12069"
      },
      {
        "trust": 0.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-243-01b"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12069"
      },
      {
        "trust": 0.6,
        "url": "https://support.industry.siemens.com/cs/ww/en/view/109746038"
      },
      {
        "trust": 0.6,
        "url": "https://support.industry.siemens.com/cs/ww/en/view/109746276"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-243-01-0"
      },
      {
        "trust": 0.3,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.3,
        "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=500633095"
      },
      {
        "trust": 0.3,
        "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=499356993"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/611.html"
      },
      {
        "trust": 0.1,
        "url": "https://tools.cisco.com/security/center/viewalert.x?alertid=55504"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-17-243-01-0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-24363"
      },
      {
        "db": "VULHUB",
        "id": "VHN-102554"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-12069"
      },
      {
        "db": "BID",
        "id": "100559"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008019"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1273"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12069"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-24363"
      },
      {
        "db": "VULHUB",
        "id": "VHN-102554"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-12069"
      },
      {
        "db": "BID",
        "id": "100559"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-008019"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1273"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12069"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-09-02T00:00:00",
        "db": "IVD",
        "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb"
      },
      {
        "date": "2017-09-01T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-24363"
      },
      {
        "date": "2017-08-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-102554"
      },
      {
        "date": "2017-08-30T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-12069"
      },
      {
        "date": "2017-08-31T00:00:00",
        "db": "BID",
        "id": "100559"
      },
      {
        "date": "2017-10-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-008019"
      },
      {
        "date": "2017-08-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201708-1273"
      },
      {
        "date": "2017-08-30T19:29:00.210000",
        "db": "NVD",
        "id": "CVE-2017-12069"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-08-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-24363"
      },
      {
        "date": "2017-10-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-102554"
      },
      {
        "date": "2017-10-06T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-12069"
      },
      {
        "date": "2018-10-12T04:00:00",
        "db": "BID",
        "id": "100559"
      },
      {
        "date": "2017-10-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-008019"
      },
      {
        "date": "2020-08-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201708-1273"
      },
      {
        "date": "2024-11-21T03:08:46.230000",
        "db": "NVD",
        "id": "CVE-2017-12069"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1273"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens OPC UA protocol XML External entity vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-24363"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "code problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1273"
      }
    ],
    "trust": 0.6
  }
}

var-201303-0253
Vulnerability from variot

CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0253",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc tia portal",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "11.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc tia portal",
        "version": "11.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "092844e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001984"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-439"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0670"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001984"
      }
    ]
  },
  "cve": "CVE-2013-0670",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2013-0670",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "092844e0-2353-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-60672",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-0670",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-0670",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201303-439",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "092844e0-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-60672",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "092844e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60672"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001984"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-439"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0670"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-0670"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001984"
      },
      {
        "db": "IVD",
        "id": "092844e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60672"
      }
    ],
    "trust": 1.89
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-0670",
        "trust": 2.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-13-079-03",
        "trust": 2.5
      },
      {
        "db": "SIEMENS",
        "id": "SSA-212483",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-439",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001984",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "092844E0-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-60672",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "092844e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60672"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001984"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-439"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0670"
      }
    ]
  },
  "id": "VAR-201303-0253",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "092844e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60672"
      }
    ],
    "trust": 0.9086316000000001
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "092844e0-2353-11e6-abef-000c29c66e3d"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:08:32.580000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/cc/en/"
      },
      {
        "title": "SSA-212483: Vulnerabilities in WinCC (TIA Portal) V11",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/answers/jp/ja/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001984"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60672"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001984"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0670"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-03.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0670"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0670"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60672"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001984"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-439"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0670"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "092844e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60672"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001984"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-439"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0670"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-22T00:00:00",
        "db": "IVD",
        "id": "092844e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-03-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60672"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001984"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-439"
      },
      {
        "date": "2013-03-21T14:55:01.517000",
        "db": "NVD",
        "id": "CVE-2013-0670"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60672"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001984"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-439"
      },
      {
        "date": "2024-11-21T01:47:58.790000",
        "db": "NVD",
        "id": "CVE-2013-0670"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-439"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens WinCC of  HMI Web In the application  CRLF Injection vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001984"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation",
    "sources": [
      {
        "db": "IVD",
        "id": "092844e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-439"
      }
    ],
    "trust": 0.8
  }
}

var-201209-0224
Vulnerability from variot

Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow remote attackers to inject arbitrary web script or HTML via a (1) GET parameter, (2) POST parameter, or (3) Referer HTTP header. Siemens SIMATIC PCS7 And used in other products Siemens WinCC of WebNavigator Contains a cross-site scripting vulnerability.By any third party, any Web Script or HTML May be inserted. (1) GET Parameters (2) POST Parameters (3) Referer HTTP header. A cross-site request forgery vulnerability exists in Siemens SIMATIC WinCC that allows an attacker to build a malicious web page, trick the user into parsing, and perform malicious actions in the target user context. Siemens SIMATIC is an automation software in a single engineering environment. Part of the input passed to the WebNavigator component lacks filtering before returning to the user, and can be exploited for cross-site scripting attacks to obtain sensitive information or hijack user sessions. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. The attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. The attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications.

The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to perform certain unspecified actions when a logged-in administrative user visits a specially crafted web page. ----------------------------------------------------------------------

The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/


TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA50568

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50568

RELEASE DATE: 2012-09-11

DISCUSS ADVISORY: http://secunia.com/advisories/50568/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/50568/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=50568

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Multiple vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, and disclose certain sensitive information.

2) Certain input passed to the WebNavigator component is not properly verified before being used to read files. This can be exploited to read arbitrary files via directory traversal sequences.

3) Certain input passed via SOAP messages to the WebNavigator component is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

4) An error within the ActiveX control can be exploited to disclose the username and password of an authenticated user.

SOLUTION: Apply Update 3.

Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

PROVIDED AND/OR DISCOVERED BY: The vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive Technologies.

ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201209-0224",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "6.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "6.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.0 sp3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "6.2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.x"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "77.x"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5dd0e308-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5084"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004448"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-294"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3031"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004448"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Pavel Toporkov,Denis Baranov Sergey Bobrov, Artem Chaykin,Timur Yunusov from Positive Technologies, Vladimir Kochetkov",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-294"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2012-3031",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2012-3031",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2012-5088",
            "impactScore": 7.8,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "5dd0e308-2353-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-56312",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2012-3031",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2012-3031",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2012-5088",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201209-294",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "5dd0e308-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-56312",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5dd0e308-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56312"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004448"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-294"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3031"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow remote attackers to inject arbitrary web script or HTML via a (1) GET parameter, (2) POST parameter, or (3) Referer HTTP header. Siemens SIMATIC PCS7 And used in other products Siemens WinCC of WebNavigator Contains a cross-site scripting vulnerability.By any third party, any Web Script or HTML May be inserted. (1) GET Parameters (2) POST Parameters (3) Referer HTTP header. A cross-site request forgery vulnerability exists in Siemens SIMATIC WinCC that allows an attacker to build a malicious web page, trick the user into parsing, and perform malicious actions in the target user context. Siemens SIMATIC is an automation software in a single engineering environment. Part of the input passed to the WebNavigator component lacks filtering before returning to the user, and can be exploited for cross-site scripting attacks to obtain sensitive information or hijack user sessions. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. \nThe attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. \nThe attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. \nAn attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nSiemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications. \n\nThe application allows users to perform certain actions via HTTP\nrequests without performing proper validity checks to verify the\nrequests. This can be exploited to perform certain unspecified\nactions when a logged-in administrative user visits a specially\ncrafted web page. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50568\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50568/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nRELEASE DATE:\n2012-09-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50568/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50568/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Siemens SIMATIC WinCC,\nwhich can be exploited by malicious people to conduct cross-site\nscripting attacks, conduct SQL injection attacks, and disclose\ncertain sensitive information. \n\n2) Certain input passed to the WebNavigator component is not properly\nverified before being used to read files. This can be exploited to\nread arbitrary files via directory traversal sequences. \n\n3) Certain input passed via SOAP messages to the WebNavigator\ncomponent is not properly sanitised before being used in SQL queries. \nThis can be exploited to manipulate SQL queries by injecting arbitrary\nSQL code. \n\n4) An error within the ActiveX control can be exploited to disclose\nthe username and password of an authenticated user. \n\nSOLUTION:\nApply Update 3. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin,\nVladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive\nTechnologies. \n\nORIGINAL ADVISORY:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-3031"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004448"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5084"
      },
      {
        "db": "BID",
        "id": "55492"
      },
      {
        "db": "IVD",
        "id": "5dd0e308-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56312"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      }
    ],
    "trust": 3.42
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-3031",
        "trust": 4.2
      },
      {
        "db": "SIEMENS",
        "id": "SSA-864051",
        "trust": 2.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-256-01",
        "trust": 1.9
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-294",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5084",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004448",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "47149",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "55492",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "5DD0E308-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "SECUNIA",
        "id": "50581",
        "trust": 0.2
      },
      {
        "db": "SECUNIA",
        "id": "50568",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-56312",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "116445",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "116447",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5dd0e308-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5084"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56312"
      },
      {
        "db": "BID",
        "id": "55492"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004448"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-294"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3031"
      }
    ]
  },
  "id": "VAR-201209-0224",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "5dd0e308-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5084"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56312"
      }
    ],
    "trust": 2.1048571666666667
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.4
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5dd0e308-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5084"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:46:02.506000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/"
      },
      {
        "title": "SSA-864051: Multiple Vulnerabilities in WinCC 7.0 SP3",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC Cross-Site Request Forgery Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/80787"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC Cross-Site Scripting Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/22132"
      },
      {
        "title": "WinCC_V70_SP3_Upd4",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=44861"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5084"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004448"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-294"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-79",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-56312"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004448"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3031"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-256-01.pdf"
      },
      {
        "trust": 1.3,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://en.securitylab.ru/lab/pt-2012-42"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3031"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3031"
      },
      {
        "trust": 0.6,
        "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-864051.pdf"
      },
      {
        "trust": 0.6,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdfhttp"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/47149"
      },
      {
        "trust": 0.3,
        "url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/blog/325/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50581"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50581/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50581/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50568/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50568/#comments"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5084"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56312"
      },
      {
        "db": "BID",
        "id": "55492"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004448"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-294"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3031"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "5dd0e308-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5084"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56312"
      },
      {
        "db": "BID",
        "id": "55492"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004448"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-294"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3031"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-09-13T00:00:00",
        "db": "IVD",
        "id": "5dd0e308-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-09-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "date": "2012-09-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-5084"
      },
      {
        "date": "2012-09-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-56312"
      },
      {
        "date": "2012-09-11T00:00:00",
        "db": "BID",
        "id": "55492"
      },
      {
        "date": "2012-09-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-004448"
      },
      {
        "date": "2012-09-11T07:30:00",
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "date": "2012-09-11T07:30:06",
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "date": "2012-09-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201209-294"
      },
      {
        "date": "2012-09-18T14:55:01.490000",
        "db": "NVD",
        "id": "CVE-2012-3031"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-08-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "date": "2012-09-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-5084"
      },
      {
        "date": "2012-09-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-56312"
      },
      {
        "date": "2012-09-12T22:50:00",
        "db": "BID",
        "id": "55492"
      },
      {
        "date": "2012-09-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-004448"
      },
      {
        "date": "2020-07-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201209-294"
      },
      {
        "date": "2024-11-21T01:40:09.087000",
        "db": "NVD",
        "id": "CVE-2012-3031"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-294"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC Cross-Site Scripting Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "5dd0e308-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5084"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "XSS",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-294"
      }
    ],
    "trust": 0.6
  }
}

var-201905-0115
Vulnerability from variot

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known. plural SIMATIC The product contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Multiple Siemens Products are prone to following security vulnerabilities: 1. An information-disclosure vulnerability 2. A cross-site-scripting vulnerability 3. A security vulnerability An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC, etc. are all products of Siemens (Siemens) in Germany. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Siemens SIMATIC HMI Comfort Panels is a touch panel device. Siemens SIMATIC HMI Comfort Outdoor Panels is a touch panel device specially designed for outdoor use. The vulnerability stems from the lack of correct validation of client data in WEB applications

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201905-0115",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc \\",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi mp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi op",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi tp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15"
      },
      {
        "model": "simatic hmi ktp mobile panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic hmi classic devices",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc runtime professional update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15.11"
      },
      {
        "model": "simatic wincc runtime advanced update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.11"
      },
      {
        "model": "simatic wincc update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15.11"
      },
      {
        "model": "simatic hmi ktp mobile update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.11"
      },
      {
        "model": "simatic hmi comfort panels update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.11"
      },
      {
        "model": "simatic hmi comfort outdoor panels update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15.11"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6577"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_outdoor_panels_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens ProductCERT reported these vulnerabilities to NCCIC.,Siemens ProductCERT",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-6577",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.8,
            "id": "CVE-2019-6577",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.8,
            "id": "VHN-158012",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 2.3,
            "id": "CVE-2019-6577",
            "impactScore": 2.7,
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "trust": 1.8,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-6577",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-6577",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201905-588",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-158012",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158012"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6577"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known. plural SIMATIC The product contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Multiple Siemens Products are prone to following security vulnerabilities:\n1. An information-disclosure vulnerability\n2. A cross-site-scripting vulnerability\n3. A security vulnerability\nAn attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC, etc. are all products of Siemens (Siemens) in Germany. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Siemens SIMATIC HMI Comfort Panels is a touch panel device. Siemens SIMATIC HMI Comfort Outdoor Panels is a touch panel device specially designed for outdoor use. The vulnerability stems from the lack of correct validation of client data in WEB applications",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-6577"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "VULHUB",
        "id": "VHN-158012"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-6577",
        "trust": 2.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-09",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "108412",
        "trust": 2.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-804486",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-588",
        "trust": 0.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-02",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1716.2",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-54365",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-158012",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158012"
      },
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6577"
      }
    ]
  },
  "id": "VAR-201905-0115",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158012"
      }
    ],
    "trust": 0.7545892989999999
  },
  "last_update_date": "2024-11-23T21:37:16.753000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-804486",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
      },
      {
        "title": "Siemens SIMATIC Panels  and WinCC Fixes for cross-site scripting vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92738"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-79",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-80",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158012"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6577"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.securityfocus.com/bid/108412"
      },
      {
        "trust": 1.9,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-09"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6577"
      },
      {
        "trust": 0.9,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.9,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-09"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6577"
      },
      {
        "trust": 0.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29288"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/80946"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158012"
      },
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6577"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-158012"
      },
      {
        "db": "BID",
        "id": "108412"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6577"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-158012"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108412"
      },
      {
        "date": "2019-06-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      },
      {
        "date": "2019-05-14T20:29:04.623000",
        "db": "NVD",
        "id": "CVE-2019-6577"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-158012"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108412"
      },
      {
        "date": "2019-07-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      },
      {
        "date": "2019-05-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      },
      {
        "date": "2024-11-21T04:46:44.267000",
        "db": "NVD",
        "id": "CVE-2019-6577"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  SIMATIC Product cross-site scripting vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004634"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "XSS",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-588"
      }
    ],
    "trust": 0.6
  }
}

var-202306-0974
Vulnerability from variot

A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC (All versions < V8.0), SINAUT Software ST7sc (All versions). Before SIMATIC WinCC V8, legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access), and OPC AE (Alarms & Events)) were used per default. These services were designed on top of the Windows ActiveX and DCOM mechanisms and do not implement state-of-the-art security mechanisms for authentication and encryption of contents. simatic net pc software , SIMATIC PCS 7 , SIMATIC WinCC Unspecified vulnerabilities exist in multiple Siemens products.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202306-0974",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic net pc software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic net pc software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "sinaut st7sc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic net pc software",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinaut st7sc",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-014286"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-28829"
      }
    ]
  },
  "cve": "CVE-2023-28829",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2023-28829",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT",
            "author": "productcert@siemens.com",
            "availabilityImpact": "LOW",
            "baseScore": 3.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 0.5,
            "id": "CVE-2023-28829",
            "impactScore": 3.4,
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2023-28829",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2023-28829",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2023-28829",
            "trust": 1.0,
            "value": "LOW"
          },
          {
            "author": "NVD",
            "id": "CVE-2023-28829",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202306-882",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-014286"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202306-882"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-28829"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-28829"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC (All versions \u003c V8.0), SINAUT Software ST7sc (All versions). Before SIMATIC WinCC V8, legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access), and OPC AE (Alarms \u0026 Events)) were used per default. These\r\nservices were designed on top of the Windows ActiveX and DCOM mechanisms and do not implement state-of-the-art security mechanisms for authentication and encryption of contents. simatic net pc software , SIMATIC PCS 7 , SIMATIC WinCC Unspecified vulnerabilities exist in multiple Siemens products.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-28829"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-014286"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-28829"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2023-28829",
        "trust": 3.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-508677",
        "trust": 2.5
      },
      {
        "db": "JVN",
        "id": "JVNVU99464755",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-23-166-05",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-014286",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202306-882",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-28829",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-28829"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-014286"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202306-882"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-28829"
      }
    ]
  },
  "id": "VAR-202306-0974",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.619477415
  },
  "last_update_date": "2024-08-14T12:54:22.598000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Siemens SIMATIC PCS 7 Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=244458"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202306-882"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-477",
        "trust": 1.0
      },
      {
        "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-014286"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-28829"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu99464755/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-28829"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-05"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2023-28829/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-28829"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-014286"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202306-882"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-28829"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2023-28829"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-014286"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202306-882"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-28829"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-06-13T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-28829"
      },
      {
        "date": "2023-12-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-014286"
      },
      {
        "date": "2023-06-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202306-882"
      },
      {
        "date": "2023-06-13T09:15:16.707000",
        "db": "NVD",
        "id": "CVE-2023-28829"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-06-13T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-28829"
      },
      {
        "date": "2023-12-22T08:15:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-014286"
      },
      {
        "date": "2023-07-06T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202306-882"
      },
      {
        "date": "2023-07-05T17:36:45.750000",
        "db": "NVD",
        "id": "CVE-2023-28829"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202306-882"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerabilities in multiple Siemens products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-014286"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202306-882"
      }
    ],
    "trust": 0.6
  }
}

var-201202-0046
Vulnerability from variot

Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4510. plural Siemens Product HMI Web The server contains a cross-site scripting vulnerability. This vulnerability is CVE-2011-4510 This is a different vulnerability.By any third party, Web Script or HTML May be inserted. Siemens SIMATIC is an automation software in a single engineering environment. The SIMATIC HMI Smart Options web server has two separate cross-site scripting attacks that allow elevation of privilege, stealing data or corrupting services. SIMATIC HMI is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201202-0046",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "mp"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "op"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "tp"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "comfort_panels"
      },
      {
        "model": "wincc runtime advanced",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "mobile_panels"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "wincc flexible runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "comfort panels"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "mobile panels"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11 sp2 update 1"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "2008 sp3"
      },
      {
        "model": "simatic wincc flexible rumtime",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc flexible",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic hmi panels",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "v11"
      },
      {
        "model": "simatic hmi smart options",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2004"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2005"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2007"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      },
      {
        "model": "comfort panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mobile panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "op",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "tp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc runtime advanced",
        "version": "v11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible runtime",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28629d64-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0461"
      },
      {
        "db": "BID",
        "id": "51835"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001313"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-086"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4511"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_hmi_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible_runtime",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001313"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Billy Rios, Terry McCorkle, Shawn Merdinger, and Luigi Auriemma.",
    "sources": [
      {
        "db": "BID",
        "id": "51835"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2011-4511",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2011-4511",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "28629d64-2354-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-52456",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2011-4511",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2011-4511",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201202-086",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "28629d64-2354-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-52456",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2011-4511",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28629d64-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52456"
      },
      {
        "db": "VULMON",
        "id": "CVE-2011-4511"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001313"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-086"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4511"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4510. plural Siemens Product HMI Web The server contains a cross-site scripting vulnerability. This vulnerability is CVE-2011-4510 This is a different vulnerability.By any third party, Web Script or HTML May be inserted. Siemens SIMATIC is an automation software in a single engineering environment. The SIMATIC HMI Smart Options web server has two separate cross-site scripting attacks that allow elevation of privilege, stealing data or corrupting services. SIMATIC HMI is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. \nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-4511"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001313"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0461"
      },
      {
        "db": "BID",
        "id": "51835"
      },
      {
        "db": "IVD",
        "id": "28629d64-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52456"
      },
      {
        "db": "VULMON",
        "id": "CVE-2011-4511"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-4511",
        "trust": 3.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01",
        "trust": 3.5
      },
      {
        "db": "SIEMENS",
        "id": "SSA-345442",
        "trust": 1.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-086",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0461",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001313",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "19403",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01A",
        "trust": 0.4
      },
      {
        "db": "BID",
        "id": "51835",
        "trust": 0.4
      },
      {
        "db": "IVD",
        "id": "28629D64-2354-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-52456",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2011-4511",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28629d64-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0461"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52456"
      },
      {
        "db": "VULMON",
        "id": "CVE-2011-4511"
      },
      {
        "db": "BID",
        "id": "51835"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001313"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-086"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4511"
      }
    ]
  },
  "id": "VAR-201202-0046",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "28629d64-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0461"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52456"
      }
    ],
    "trust": 1.52394115
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28629d64-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0461"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:46:30.355000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-345442",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "title": "\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC HMI Cross-Site Scripting Vulnerability (CNVD-2012-0461)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/9059"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-0461"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001313"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-79",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52456"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001313"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4511"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.5,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf"
      },
      {
        "trust": 1.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4511"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4511"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/19403"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/automation/en/human-machine-interface/pages/default.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01a.pdf"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/79.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.securityfocus.com/bid/51835"
      },
      {
        "trust": 0.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-12-030-01a"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-0461"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52456"
      },
      {
        "db": "VULMON",
        "id": "CVE-2011-4511"
      },
      {
        "db": "BID",
        "id": "51835"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001313"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-086"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4511"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "28629d64-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0461"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52456"
      },
      {
        "db": "VULMON",
        "id": "CVE-2011-4511"
      },
      {
        "db": "BID",
        "id": "51835"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001313"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-086"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4511"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-02-07T00:00:00",
        "db": "IVD",
        "id": "28629d64-2354-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0461"
      },
      {
        "date": "2012-02-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52456"
      },
      {
        "date": "2012-02-03T00:00:00",
        "db": "VULMON",
        "id": "CVE-2011-4511"
      },
      {
        "date": "2012-01-30T00:00:00",
        "db": "BID",
        "id": "51835"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001313"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-086"
      },
      {
        "date": "2012-02-03T20:55:01.407000",
        "db": "NVD",
        "id": "CVE-2011-4511"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0461"
      },
      {
        "date": "2012-02-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52456"
      },
      {
        "date": "2012-02-06T00:00:00",
        "db": "VULMON",
        "id": "CVE-2011-4511"
      },
      {
        "date": "2012-04-18T21:20:00",
        "db": "BID",
        "id": "51835"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001313"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-086"
      },
      {
        "date": "2024-11-21T01:32:27.130000",
        "db": "NVD",
        "id": "CVE-2011-4511"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-086"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens Product  HMI Web Server vulnerable to cross-site scripting",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001313"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "XSS",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-086"
      }
    ],
    "trust": 0.6
  }
}

var-201209-0223
Vulnerability from variot

WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote attackers to read a (1) log file or (2) configuration file via a direct request. Siemens SIMATIC is an automation software in a single engineering environment. The Siemens SIMATIC WinCC WebNavigator component incorrectly handles input, allowing an attacker to read system files using a directory traversal sequence. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. The attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. The attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications.

The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to perform certain unspecified actions when a logged-in administrative user visits a specially crafted web page. ----------------------------------------------------------------------

The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/


TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA50568

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50568

RELEASE DATE: 2012-09-11

DISCUSS ADVISORY: http://secunia.com/advisories/50568/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/50568/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=50568

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Multiple vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, and disclose certain sensitive information.

1) Certain unspecified input passed to the WebNavigator component is not properly sanitised before being returned to the user.

3) Certain input passed via SOAP messages to the WebNavigator component is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

4) An error within the ActiveX control can be exploited to disclose the username and password of an authenticated user.

SOLUTION: Apply Update 3.

Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

PROVIDED AND/OR DISCOVERED BY: The vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive Technologies.

ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201209-0223",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "6.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "6.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.0 sp3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.x"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "77.x"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5dd6af86-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5083"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004447"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-293"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3030"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004447"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Denis Baranov Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov,Timur Yunusov from Positive Technologies",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-293"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2012-3030",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2012-3030",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "5dd6af86-2353-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-56311",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2012-3030",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2012-3030",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201209-293",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "5dd6af86-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-56311",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5dd6af86-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56311"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004447"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-293"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3030"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote attackers to read a (1) log file or (2) configuration file via a direct request. Siemens SIMATIC is an automation software in a single engineering environment. The Siemens SIMATIC WinCC WebNavigator component incorrectly handles input, allowing an attacker to read system files using a directory traversal sequence. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. \nThe attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. \nThe attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. \nAn attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nSiemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications. \n\nThe application allows users to perform certain actions via HTTP\nrequests without performing proper validity checks to verify the\nrequests. This can be exploited to perform certain unspecified\nactions when a logged-in administrative user visits a specially\ncrafted web page. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50568\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50568/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nRELEASE DATE:\n2012-09-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50568/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50568/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Siemens SIMATIC WinCC,\nwhich can be exploited by malicious people to conduct cross-site\nscripting attacks, conduct SQL injection attacks, and disclose\ncertain sensitive information. \n\n1) Certain unspecified input passed to the WebNavigator component is\nnot properly sanitised before being returned to the user. \n\n3) Certain input passed via SOAP messages to the WebNavigator\ncomponent is not properly sanitised before being used in SQL queries. \nThis can be exploited to manipulate SQL queries by injecting arbitrary\nSQL code. \n\n4) An error within the ActiveX control can be exploited to disclose\nthe username and password of an authenticated user. \n\nSOLUTION:\nApply Update 3. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin,\nVladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive\nTechnologies. \n\nORIGINAL ADVISORY:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-3030"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004447"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5083"
      },
      {
        "db": "BID",
        "id": "55492"
      },
      {
        "db": "IVD",
        "id": "5dd6af86-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56311"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      }
    ],
    "trust": 2.88
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-3030",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-864051",
        "trust": 2.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-256-01",
        "trust": 2.5
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-293",
        "trust": 0.9
      },
      {
        "db": "BID",
        "id": "55492",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5083",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004447",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "50568",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "20651",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "20932",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "5DD6AF86-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "SECUNIA",
        "id": "50581",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-56311",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "116445",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "116447",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5dd6af86-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5083"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56311"
      },
      {
        "db": "BID",
        "id": "55492"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004447"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-293"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3030"
      }
    ]
  },
  "id": "VAR-201209-0223",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "5dd6af86-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5083"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56311"
      }
    ],
    "trust": 1.5048571666666666
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5dd6af86-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5083"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:46:02.561000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/"
      },
      {
        "title": "SSA-864051: Multiple Vulnerabilities in WinCC 7.0 SP3",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC arbitrary file read vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/22131"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-5083"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004447"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-56311"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004447"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3030"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-256-01.pdf"
      },
      {
        "trust": 1.9,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://en.securitylab.ru/lab/pt-2012-43"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3030"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3030"
      },
      {
        "trust": 0.6,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdfhttp"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/50568"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/55492"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/20932"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/20651"
      },
      {
        "trust": 0.3,
        "url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/blog/325/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50581"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50581/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50581/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50568/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50568/#comments"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-5083"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56311"
      },
      {
        "db": "BID",
        "id": "55492"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004447"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-293"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3030"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "5dd6af86-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5083"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56311"
      },
      {
        "db": "BID",
        "id": "55492"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004447"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-293"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3030"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-09-13T00:00:00",
        "db": "IVD",
        "id": "5dd6af86-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-09-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-5083"
      },
      {
        "date": "2012-09-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-56311"
      },
      {
        "date": "2012-09-11T00:00:00",
        "db": "BID",
        "id": "55492"
      },
      {
        "date": "2012-09-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-004447"
      },
      {
        "date": "2012-09-11T07:30:00",
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "date": "2012-09-11T07:30:06",
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "date": "2012-09-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201209-293"
      },
      {
        "date": "2012-09-18T14:55:01.443000",
        "db": "NVD",
        "id": "CVE-2012-3030"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-09-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-5083"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-56311"
      },
      {
        "date": "2012-09-12T22:50:00",
        "db": "BID",
        "id": "55492"
      },
      {
        "date": "2012-09-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-004447"
      },
      {
        "date": "2012-09-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201209-293"
      },
      {
        "date": "2024-11-21T01:40:08.963000",
        "db": "NVD",
        "id": "CVE-2012-3030"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-293"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC Arbitrary File Read Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "5dd6af86-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5083"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-293"
      }
    ],
    "trust": 0.6
  }
}

var-201910-1745
Vulnerability from variot

Siemens SIMATIC is an automation software with a single engineering environment. WinCC supports the discovery and configuration of LAN device information using the PN-DCP protocol at the Ethernet layer.

A stack overflow vulnerability exists in the Siemens SIMATIC WinCC CCDiagnosis.dll control. An attacker can execute arbitrary code by constructing parameters

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201910-1745",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "siemens",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6b6c30fd-ad55-4f07-882f-e839b4f79d3b"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36480"
      }
    ]
  },
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2019-36480",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "6b6c30fd-ad55-4f07-882f-e839b4f79d3b",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "CNVD",
            "id": "CNVD-2019-36480",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "6b6c30fd-ad55-4f07-882f-e839b4f79d3b",
            "trust": 0.2,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6b6c30fd-ad55-4f07-882f-e839b4f79d3b"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36480"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC is an automation software with a single engineering environment. WinCC supports the discovery and configuration of LAN device information using the PN-DCP protocol at the Ethernet layer. \n\r\n\r\nA stack overflow vulnerability exists in the Siemens SIMATIC WinCC CCDiagnosis.dll control. An attacker can execute arbitrary code by constructing parameters",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36480"
      },
      {
        "db": "IVD",
        "id": "6b6c30fd-ad55-4f07-882f-e839b4f79d3b"
      }
    ],
    "trust": 0.72
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36480",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "6B6C30FD-AD55-4F07-882F-E839B4F79D3B",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6b6c30fd-ad55-4f07-882f-e839b4f79d3b"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36480"
      }
    ]
  },
  "id": "VAR-201910-1745",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "6b6c30fd-ad55-4f07-882f-e839b4f79d3b"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36480"
      }
    ],
    "trust": 1.40849285
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6b6c30fd-ad55-4f07-882f-e839b4f79d3b"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36480"
      }
    ]
  },
  "last_update_date": "2022-05-17T01:57:38.229000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Binary vulnerability exists in CCDiagnosis.dll control Diagnose1 function of SIMATIC WinCC",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/180585"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36480"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "6b6c30fd-ad55-4f07-882f-e839b4f79d3b"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36480"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-22T00:00:00",
        "db": "IVD",
        "id": "6b6c30fd-ad55-4f07-882f-e839b4f79d3b"
      },
      {
        "date": "2019-10-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-36480"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-01-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-36480"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Stack overflow vulnerability in Siemens SIMATIC WinCC CCDiagnosis.dll control",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36480"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "6b6c30fd-ad55-4f07-882f-e839b4f79d3b"
      }
    ],
    "trust": 0.2
  }
}

var-201705-3973
Vulnerability from variot

A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC Automation Tool (All versions < V3.0), SIMATIC NET PC-Software (All versions < V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1), SIMATIC STEP 7 V5.X (All versions < V5.6), SIMATIC WinAC RTX 2010 SP2 (All versions), SIMATIC WinAC RTX F 2010 SP2 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1), SIMATIC WinCC V7.2 and prior (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Update 15), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd1), SIMATIC WinCC flexible 2008 (All versions < flexible 2008 SP5), SINAUT ST7CC (All versions installed in conjunction with SIMATIC WinCC < V7.3 Update 15), SINEMA Server (All versions < V14), SINUMERIK 808D Programming Tool (All versions < V4.7 SP4 HF2), SMART PC Access (All versions < V2.3), STEP 7 - Micro/WIN SMART (All versions < V2.3), Security Configuration Tool (SCT) (All versions < V5.0). Specially crafted PROFINET DCP broadcast packets sent to the affected products on a local Ethernet segment (Layer 2) could cause a Denial-of-Service condition of some services. The services require manual restart to recover. SIMATIC WinCC (TIA Portal), SIMATIC STEP 7, SMART PC Access, SIMATIC Automation Tool, etc. are all industrial automation products from Siemens AG. A number of Siemens industrial products have a denial of service vulnerability. Attackers can exploit this issue to crash the affected device, denying service to legitimate users. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201705-3973",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "smart pc access",
        "scope": "eq",
        "trust": 2.5,
        "vendor": "siemens",
        "version": "2.0"
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "sinema server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": "sinumerik 808d programming tool",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinaut st7cc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc flexible 2008",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic step 7 micro\\/win smart",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic winac rtx 2010",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic automation tool",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinaut st7cc",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinumerik 808d programming tool",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic automation tool",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic step 7 \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic step 7 \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic winac rtx f 2010",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "primary setup tool",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic net pc-software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic step 7 \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": "security configuration tool",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "primary setup tool",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "security configuration tool",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic net pc software",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic step 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v5.x"
      },
      {
        "model": "simatic step 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic winac rtx 2010",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic winac rtx f 2010",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc flexible 2008",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinema server",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "smart pc access",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "step 7 - micro/win smart",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "75.x"
      },
      {
        "model": "simatic winac rtx sp2 all",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "simatic winac rtx f sp2 all",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "security configuration tool all",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "primary setup tool all",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7"
      },
      {
        "model": "simatic wincc professional sp2",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic wincc professional sp1",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v14"
      },
      {
        "model": "simatic step sp2",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003cv13"
      },
      {
        "model": "simatic step sp1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003cv14"
      },
      {
        "model": "step micro win smart",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7-/"
      },
      {
        "model": "simatic net pc-software",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinumerik 808d programming tool",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinema server sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "sinema server sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12.0"
      },
      {
        "model": "sinema server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12.0-"
      },
      {
        "model": "sinema server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinaut st7cc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc flexible sp3 up7",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc basic",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic winac rtx f sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "simatic winac rtx sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "simatic step tia portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v14"
      },
      {
        "model": "simatic step tia portal sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v13"
      },
      {
        "model": "simatic step tia portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7v13"
      },
      {
        "model": "simatic step sp4 hf4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "75.5"
      },
      {
        "model": "simatic step sp4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "75.5"
      },
      {
        "model": "simatic step sp3 hf10",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "75.5"
      },
      {
        "model": "simatic step sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "75.5"
      },
      {
        "model": "simatic step sp2 hf7",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "75.5"
      },
      {
        "model": "simatic step sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "75.5"
      },
      {
        "model": "simatic step sp1 hf2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "75.5"
      },
      {
        "model": "simatic step sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "75.5"
      },
      {
        "model": "simatic pcs sp4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "77.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "77.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "77"
      },
      {
        "model": "simatic net pc-software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic net pc-software sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic net pc-software hf1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic net pc-software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic net pc-software sp2 hf3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "model": "simatic net pc-software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "model": "simatic automation tool",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1.0.2"
      },
      {
        "model": "simatic automation tool",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1.0"
      },
      {
        "model": "security configuration tool",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "primary setup tool",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "micro/win",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc sp1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic step tia portal sp1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "714"
      },
      {
        "model": "simatic step tia portal sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "713"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "pcs 7",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "primary setup tool",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "security configuration tool",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic automation tool",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic net pc",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic step 7 tia portal",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic step 7 tia portal",
        "version": "13.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic step 7 tia portal",
        "version": "14.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic step 7 micro win smart",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic winac rtx 2010",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic winac rtx f 2010",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "13.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "14.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc flexible 2008",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinaut st7cc",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinema server",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinumerik 808d programming tool",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "smart pc access",
        "version": "2.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06152"
      },
      {
        "db": "BID",
        "id": "98366"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004136"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-632"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6865"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:primary_setup_tool",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:security_configuration_tool",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_automation_tool",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_step_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_step_7_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_winac_rtx_2010",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_winac_rtx_f_2010",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_flexible_2008",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:sinaut_st7cc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:sinema_server",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:sinumerik_808d_programming_tool",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:smart_pc_access",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_step_7_micro%2fwin_smart",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004136"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Duan JinTong, Ma ShaoShuai, and Cheng Lei from NSFOCUS Security Team.",
    "sources": [
      {
        "db": "BID",
        "id": "98366"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-6865",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CVE-2017-6865",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2017-06152",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "VHN-115068",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "id": "CVE-2017-6865",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-6865",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-6865",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-06152",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201703-632",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-115068",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06152"
      },
      {
        "db": "VULHUB",
        "id": "VHN-115068"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004136"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-632"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6865"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in Primary Setup Tool (PST) (All versions \u003c V4.2 HF1), SIMATIC Automation Tool (All versions \u003c V3.0), SIMATIC NET PC-Software (All versions \u003c V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2), SIMATIC STEP 7 (TIA Portal) V14 (All versions \u003c V14 SP1), SIMATIC STEP 7 V5.X (All versions \u003c V5.6), SIMATIC WinAC RTX 2010 SP2 (All versions), SIMATIC WinAC RTX F 2010 SP2 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions \u003c V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1), SIMATIC WinCC V7.2 and prior (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Update 15), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd1), SIMATIC WinCC flexible 2008 (All versions \u003c flexible 2008 SP5), SINAUT ST7CC (All versions installed in conjunction with SIMATIC WinCC \u003c V7.3 Update 15), SINEMA Server (All versions \u003c V14), SINUMERIK 808D Programming Tool (All versions \u003c V4.7 SP4 HF2), SMART PC Access (All versions \u003c V2.3), STEP 7 - Micro/WIN SMART (All versions \u003c V2.3), Security Configuration Tool (SCT) (All versions \u003c V5.0). Specially crafted PROFINET DCP broadcast packets sent to the affected products on a local Ethernet segment (Layer 2) could cause a Denial-of-Service condition of some services. The services require manual restart to recover. SIMATIC WinCC (TIA Portal), SIMATIC STEP 7, SMART PC Access, SIMATIC Automation Tool, etc. are all industrial automation products from Siemens AG. A number of Siemens industrial products have a denial of service vulnerability. \nAttackers can exploit this issue to crash the affected device, denying service to legitimate users. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-6865"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004136"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06152"
      },
      {
        "db": "BID",
        "id": "98366"
      },
      {
        "db": "IVD",
        "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677"
      },
      {
        "db": "VULHUB",
        "id": "VHN-115068"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-6865",
        "trust": 3.6
      },
      {
        "db": "BID",
        "id": "98366",
        "trust": 2.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-275839",
        "trust": 1.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-129-01",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-632",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06152",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004136",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "1B7B75AD-C1F6-4E73-BE28-FF3E458E7677",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-115068",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06152"
      },
      {
        "db": "VULHUB",
        "id": "VHN-115068"
      },
      {
        "db": "BID",
        "id": "98366"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004136"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-632"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6865"
      }
    ]
  },
  "id": "VAR-201705-3973",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06152"
      },
      {
        "db": "VULHUB",
        "id": "VHN-115068"
      }
    ],
    "trust": 1.6053430508000002
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06152"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:56:13.083000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-275839",
        "trust": 0.8,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-275839.pdf"
      },
      {
        "title": "There are patches for denial of service vulnerabilities in many Siemens products",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/93344"
      },
      {
        "title": "Multiple Siemens Fixes for product input validation vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90621"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-06152"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004136"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-632"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-115068"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004136"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6865"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://www.securityfocus.com/bid/98366"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-275839.pdf"
      },
      {
        "trust": 1.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-129-01"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6865"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-6865"
      },
      {
        "trust": 0.6,
        "url": "http://www.siemens.com/cert/en/cert-security-advisories.htm"
      },
      {
        "trust": 0.3,
        "url": "http://www.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-06152"
      },
      {
        "db": "VULHUB",
        "id": "VHN-115068"
      },
      {
        "db": "BID",
        "id": "98366"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004136"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-632"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6865"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06152"
      },
      {
        "db": "VULHUB",
        "id": "VHN-115068"
      },
      {
        "db": "BID",
        "id": "98366"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004136"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-632"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-6865"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-05-09T00:00:00",
        "db": "IVD",
        "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677"
      },
      {
        "date": "2017-05-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-06152"
      },
      {
        "date": "2017-05-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-115068"
      },
      {
        "date": "2017-05-09T00:00:00",
        "db": "BID",
        "id": "98366"
      },
      {
        "date": "2017-06-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004136"
      },
      {
        "date": "2017-03-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201703-632"
      },
      {
        "date": "2017-05-11T10:29:00.227000",
        "db": "NVD",
        "id": "CVE-2017-6865"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-05-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-06152"
      },
      {
        "date": "2019-03-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-115068"
      },
      {
        "date": "2017-05-23T16:23:00",
        "db": "BID",
        "id": "98366"
      },
      {
        "date": "2017-09-11T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004136"
      },
      {
        "date": "2019-04-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201703-632"
      },
      {
        "date": "2024-11-21T03:30:41.443000",
        "db": "NVD",
        "id": "CVE-2017-6865"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote or local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-632"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens Service disruption in products  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004136"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation",
    "sources": [
      {
        "db": "IVD",
        "id": "1b7b75ad-c1f6-4e73-be28-ff3e458e7677"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-632"
      }
    ],
    "trust": 0.8
  }
}

var-201202-0048
Vulnerability from variot

Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file, related to the HMI web server and runtime loader. plural Siemens The product includes HMI Web An arbitrary code execution vulnerability exists due to a flaw in processing related to the server and runtime loader.Crafted by attackers project An arbitrary code may be executed via the file. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. Social engineering is required to enable administrators to download files and execute them. SIMATIC Wincc Runtime Advanced is prone to a remote security vulnerability. Vulnerabilities exist in several versions of Siemens SIMATIC WinCC

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201202-0048",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "mp"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "op"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "tp"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "comfort_panels"
      },
      {
        "model": "wincc runtime advanced",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "mobile_panels"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc flexible runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "comfort panels"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "mobile panels"
      },
      {
        "model": "simatic wincc flexible rumtime",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi panels",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "wincc flexible runtime",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi panels tp",
        "scope": null,
        "trust": 0.3,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi panels op",
        "scope": null,
        "trust": 0.3,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi panels mp",
        "scope": null,
        "trust": 0.3,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi panels mobile panels",
        "scope": null,
        "trust": 0.3,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi panels comfort panels",
        "scope": null,
        "trust": 0.3,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2004"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2005"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2007"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2008"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "v11"
      },
      {
        "model": "comfort panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mobile panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "op",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "tp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc runtime advanced",
        "version": "v11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible runtime",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28dd62b0-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0463"
      },
      {
        "db": "BID",
        "id": "78355"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001315"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-088"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4513"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_hmi_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible_runtime",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001315"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unknown",
    "sources": [
      {
        "db": "BID",
        "id": "78355"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2011-4513",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2011-4513",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "28dd62b0-2354-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-52458",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2011-4513",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2011-4513",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201202-088",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "28dd62b0-2354-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-52458",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28dd62b0-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52458"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001315"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-088"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4513"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file, related to the HMI web server and runtime loader. plural Siemens The product includes HMI Web An arbitrary code execution vulnerability exists due to a flaw in processing related to the server and runtime loader.Crafted by attackers project An arbitrary code may be executed via the file. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. Social engineering is required to enable administrators to download files and execute them. SIMATIC Wincc Runtime Advanced is prone to a remote security vulnerability. Vulnerabilities exist in several versions of Siemens SIMATIC WinCC",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-4513"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001315"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0463"
      },
      {
        "db": "BID",
        "id": "78355"
      },
      {
        "db": "IVD",
        "id": "28dd62b0-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52458"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-4513",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01",
        "trust": 3.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-345442",
        "trust": 2.0
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0463",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-088",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001315",
        "trust": 0.8
      },
      {
        "db": "BID",
        "id": "78355",
        "trust": 0.4
      },
      {
        "db": "IVD",
        "id": "28DD62B0-2354-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-52458",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28dd62b0-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0463"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52458"
      },
      {
        "db": "BID",
        "id": "78355"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001315"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-088"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4513"
      }
    ]
  },
  "id": "VAR-201202-0048",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "28dd62b0-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0463"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52458"
      }
    ],
    "trust": 1.5188906333333334
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28dd62b0-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0463"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:46:29.376000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-345442",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "title": "\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC HMI Vulnerability (CNVD-2012-0463)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/9061"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-0463"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001315"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-4513"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.4,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf"
      },
      {
        "trust": 2.0,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4513"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4513"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-0463"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52458"
      },
      {
        "db": "BID",
        "id": "78355"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001315"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-088"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4513"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "28dd62b0-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0463"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52458"
      },
      {
        "db": "BID",
        "id": "78355"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001315"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-088"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4513"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-02-07T00:00:00",
        "db": "IVD",
        "id": "28dd62b0-2354-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0463"
      },
      {
        "date": "2012-02-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52458"
      },
      {
        "date": "2012-02-03T00:00:00",
        "db": "BID",
        "id": "78355"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001315"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-088"
      },
      {
        "date": "2012-02-03T20:55:01.513000",
        "db": "NVD",
        "id": "CVE-2011-4513"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0463"
      },
      {
        "date": "2012-02-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52458"
      },
      {
        "date": "2012-02-03T00:00:00",
        "db": "BID",
        "id": "78355"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001315"
      },
      {
        "date": "2012-02-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-088"
      },
      {
        "date": "2024-11-21T01:32:27.357000",
        "db": "NVD",
        "id": "CVE-2011-4513"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-088"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens Vulnerabilities in products that allow arbitrary code execution",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001315"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-088"
      }
    ],
    "trust": 0.6
  }
}

var-201908-1835
Vulnerability from variot

A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC STEP 7 (TIA Portal) (All versions < V16), SIMATIC WinCC (TIA Portal) (All versions < V16), SIMATIC WinCC OA (All versions < V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions < V16), SIMATIC WinCC Runtime Professional (All versions < V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions < V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices. plural SIMATIC The product contains an access control vulnerability.Information may be tampered with. The Simatic S7-1200 CPU and Simatic S7-1500 CPU series are discrete and continuous control in industrial environments such as manufacturing, food and beverage, and chemical industries. A man-in-the-middle attack vulnerability exists in the SIMATICS7-1200 and SIMATICS7-1500CPU families. The vulnerability could impact the integrity of the communication. No public exploitation of the vulnerability was known at the time of advisory publication. Both Siemens SIMATIC S7-1500 CPU and Siemens SIMATIC S7-1200 are products of Siemens, Germany. SIMATIC S7-1500 CPU is a CPU (central processing unit) module. Siemens SIMATIC S7-1200 is a S7-1200 series PLC (programmable logic controller). This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201908-1835",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic s7-1200 cpu 1212c",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.0"
      },
      {
        "model": "simatic cp 1626",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi panel",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic et 200sp open controller cpu 1515sp pc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-1500 cpu 1512c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-1200 cpu 1211c",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.0"
      },
      {
        "model": "simatic s7-1500",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic step 7",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic et 200sp open controller cpu 1515sp pc2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-1500 cpu 1511c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-plcsim advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic net pc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic wincc open architecture",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.15"
      },
      {
        "model": "simatic s7-1500 cpu 1518",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic wincc runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic tim 1531 irc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1"
      },
      {
        "model": "simatic s7-1200 cpu 1215c",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.0"
      },
      {
        "model": "simatic wincc open architecture",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.16"
      },
      {
        "model": "simatic s7-1200 cpu 1214c",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.0"
      },
      {
        "model": "simatic s7-1200 cpu 1217c",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.0"
      },
      {
        "model": "simatic et 200 sp open controller cpu 1515sp pc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200 sp open controller cpu 1515sp pc2",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1200 cpu 1211c",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1200 cpu 1212c",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1200 cpu 1214c",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1200 cpu 1215c",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1200 cpu 1217c",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1511c",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1512c",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu 1518",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu family",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-plcsim advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1200 cpu family",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.0"
      },
      {
        "model": "simatic et 200sp open controller cpu1515sp pc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200sp open controller cpu1515sp pc2",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200sp open controller cpu 1515sp pc",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500 cpu 1512c",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 plcsim advanced",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200sp open controller cpu 1515sp pc2",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1200 cpu 1211c",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1200 cpu 1212c",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1200 cpu 1214c",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1200 cpu 1215c",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1200 cpu 1217c",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500 cpu 1518",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500 cpu 1511c",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "dd013399-7645-48ff-9360-e9388bbf86bb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-27647"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008096"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10929"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_cpu_1211c_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_cpu_1212c_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_cpu_1214c_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_cpu_1215c_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_cpu_1217c_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_cpu_1511c_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_cpu_1512c_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_cpu_1518_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008096"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Eli Biham, Sara Bitan, and Alon Dankner from Faculty of Computer Science, Technion Haifa, reported this vulnerability to Siemens., Aviad Carmel",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-895"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-10929",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2019-10929",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 4.9,
            "id": "CNVD-2019-27647",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 0.6,
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 4.9,
            "id": "dd013399-7645-48ff-9360-e9388bbf86bb",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 0.2,
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-142524",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.2,
            "id": "CVE-2019-10929",
            "impactScore": 3.6,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "High",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.9,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2019-10929",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-10929",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-10929",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-27647",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201908-895",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "dd013399-7645-48ff-9360-e9388bbf86bb",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142524",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2019-10929",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "dd013399-7645-48ff-9360-e9388bbf86bb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-27647"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142524"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10929"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008096"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-895"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10929"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.8.1), SIMATIC S7-1500 Software Controller (All versions \u003c V20.8), SIMATIC S7-PLCSIM Advanced (All versions \u003c V3.0), SIMATIC STEP 7 (TIA Portal) (All versions \u003c V16), SIMATIC WinCC (TIA Portal) (All versions \u003c V16), SIMATIC WinCC OA (All versions \u003c V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions \u003c V16), SIMATIC WinCC Runtime Professional (All versions \u003c V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions \u003c V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices. plural SIMATIC The product contains an access control vulnerability.Information may be tampered with. The Simatic S7-1200 CPU and Simatic S7-1500 CPU series are discrete and continuous control in industrial environments such as manufacturing, food and beverage, and chemical industries. A man-in-the-middle attack vulnerability exists in the SIMATICS7-1200 and SIMATICS7-1500CPU families. The vulnerability could impact the integrity of the communication. No public exploitation of the vulnerability was known at the time of advisory publication. Both Siemens SIMATIC S7-1500 CPU and Siemens SIMATIC S7-1200 are products of Siemens, Germany. SIMATIC S7-1500 CPU is a CPU (central processing unit) module. Siemens SIMATIC S7-1200 is a S7-1200 series PLC (programmable logic controller). This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10929"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008096"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-27647"
      },
      {
        "db": "IVD",
        "id": "dd013399-7645-48ff-9360-e9388bbf86bb"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142524"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10929"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-10929",
        "trust": 3.4
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-344-04",
        "trust": 2.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-232418",
        "trust": 2.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-273799",
        "trust": 1.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-895",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-27647",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-344-06",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008096",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.4623",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "DD013399-7645-48FF-9360-E9388BBF86BB",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-142524",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10929",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "dd013399-7645-48ff-9360-e9388bbf86bb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-27647"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142524"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10929"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008096"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-895"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10929"
      }
    ]
  },
  "id": "VAR-201908-1835",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "dd013399-7645-48ff-9360-e9388bbf86bb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-27647"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142524"
      }
    ],
    "trust": 1.592972417272727
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS",
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      },
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "dd013399-7645-48ff-9360-e9388bbf86bb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-27647"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:33:46.904000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-232418",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf"
      },
      {
        "title": "Patch for SIMATICS7-1200 and SIMATICS7-1500CPU families man-in-the-middle attack vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/175015"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=7a126d1ac7ee4b775c023b2d29df4c13"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=5ddd1615249b07f58d59e46a99a2022a"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/Esamgold/SIEMENS-S7-PLCs-attacks "
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-27647"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10929"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008096"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-327",
        "trust": 1.0
      },
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-284",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142524"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008096"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10929"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.2,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-344-04"
      },
      {
        "trust": 2.4,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf"
      },
      {
        "trust": 1.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10929"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10929"
      },
      {
        "trust": 0.8,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-344-06"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-19-344-04"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/siemens-simatic-man-in-the-middle-via-102-tcp-31129"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-two-vulnerabilities-30052"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.4623/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/327.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/esamgold/siemens-s7-plcs-attacks"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-19-344-04"
      },
      {
        "trust": 0.1,
        "url": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111167"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-27647"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142524"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10929"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008096"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-895"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10929"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "dd013399-7645-48ff-9360-e9388bbf86bb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-27647"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142524"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10929"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-008096"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-895"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10929"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-08-15T00:00:00",
        "db": "IVD",
        "id": "dd013399-7645-48ff-9360-e9388bbf86bb"
      },
      {
        "date": "2019-08-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-27647"
      },
      {
        "date": "2019-08-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142524"
      },
      {
        "date": "2019-08-13T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-10929"
      },
      {
        "date": "2019-08-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-008096"
      },
      {
        "date": "2019-08-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201908-895"
      },
      {
        "date": "2019-08-13T19:15:14.860000",
        "db": "NVD",
        "id": "CVE-2019-10929"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-08-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-27647"
      },
      {
        "date": "2020-10-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142524"
      },
      {
        "date": "2022-08-10T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-10929"
      },
      {
        "date": "2019-12-11T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-008096"
      },
      {
        "date": "2022-08-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201908-895"
      },
      {
        "date": "2024-11-21T04:20:10.487000",
        "db": "NVD",
        "id": "CVE-2019-10929"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-895"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SIMATICS7-1200 and SIMATICS7-1500CPU families Man-in-the-middle attack vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "dd013399-7645-48ff-9360-e9388bbf86bb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-27647"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "encryption problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201908-895"
      }
    ],
    "trust": 0.6
  }
}

var-201910-1739
Vulnerability from variot

Siemens SIMATIC is an automation software with a single engineering environment. WinCC supports the discovery and configuration of LAN device information using the PN-DCP protocol at the Ethernet layer.

An overflow vulnerability exists in the Siemens SIMATIC WinCC ReportRenderer.dll control. The attacker caused an overflow by constructing a very large integer

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201910-1739",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "siemens",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "a8ca2d34-6616-4f20-b815-60847f810d6f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36485"
      }
    ]
  },
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2019-36485",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "a8ca2d34-6616-4f20-b815-60847f810d6f",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "CNVD",
            "id": "CNVD-2019-36485",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "a8ca2d34-6616-4f20-b815-60847f810d6f",
            "trust": 0.2,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "a8ca2d34-6616-4f20-b815-60847f810d6f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36485"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC is an automation software with a single engineering environment. WinCC supports the discovery and configuration of LAN device information using the PN-DCP protocol at the Ethernet layer. \n\r\n\r\nAn overflow vulnerability exists in the Siemens SIMATIC WinCC ReportRenderer.dll control. The attacker caused an overflow by constructing a very large integer",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36485"
      },
      {
        "db": "IVD",
        "id": "a8ca2d34-6616-4f20-b815-60847f810d6f"
      }
    ],
    "trust": 0.72
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36485",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "A8CA2D34-6616-4F20-B815-60847F810D6F",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "a8ca2d34-6616-4f20-b815-60847f810d6f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36485"
      }
    ]
  },
  "id": "VAR-201910-1739",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "a8ca2d34-6616-4f20-b815-60847f810d6f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36485"
      }
    ],
    "trust": 1.40849285
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "a8ca2d34-6616-4f20-b815-60847f810d6f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36485"
      }
    ]
  },
  "last_update_date": "2022-05-17T02:01:01.976000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Binary vulnerability exists in the RenderBeginTag function of the SIMATIC WinCC ReportRenderer.dll control",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/180605"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36485"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "a8ca2d34-6616-4f20-b815-60847f810d6f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36485"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-22T00:00:00",
        "db": "IVD",
        "id": "a8ca2d34-6616-4f20-b815-60847f810d6f"
      },
      {
        "date": "2019-10-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-36485"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-01-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-36485"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC ReportRenderer.dll Control has an overflow vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "a8ca2d34-6616-4f20-b815-60847f810d6f"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36485"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer error",
    "sources": [
      {
        "db": "IVD",
        "id": "a8ca2d34-6616-4f20-b815-60847f810d6f"
      }
    ],
    "trust": 0.2
  }
}

var-202111-0483
Vulnerability from variot

A vulnerability has been identified in OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd4), OpenPCS 7 V9.1 (All versions), SIMATIC BATCH V8.2 (All versions), SIMATIC BATCH V9.0 (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 6), SIMATIC NET PC Software V17 (All versions < V17 SP1), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). When downloading files, the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read unexpected critical files. Multiple Siemens products contain a path traversal vulnerability.Information may be obtained. When..

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202111-0483",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic net pc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic route control",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simaticpcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simaticpcs 7",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic route control",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic net pc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "17"
      },
      {
        "model": "simaticpcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic net pc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simaticpcs 7",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic net pc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "17"
      },
      {
        "model": "simatic route control",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic net pc \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic route control",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic batch",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014829"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40359"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Thomas Riedmaier from Siemens Energy reported these vulnerabilities to Siemens.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-778"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-40359",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2021-40359",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-401716",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-40359",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "productcert@siemens.com",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.1,
            "id": "CVE-2021-40359",
            "impactScore": 4.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2021-40359",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-40359",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2021-40359",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-40359",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202111-778",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-401716",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-401716"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014829"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-778"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40359"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40359"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd4), OpenPCS 7 V9.1 (All versions), SIMATIC BATCH V8.2 (All versions), SIMATIC BATCH V9.0 (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Update 6), SIMATIC NET PC Software V17 (All versions \u003c V17 SP1), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP1), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC WinCC V15 and earlier (All versions \u003c V15 SP1 Update 7), SIMATIC WinCC V16 (All versions \u003c V16 Update 5), SIMATIC WinCC V17 (All versions \u003c V17 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 5). When downloading files, the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read unexpected critical files. Multiple Siemens products contain a path traversal vulnerability.Information may be obtained. When..",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-40359"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014829"
      },
      {
        "db": "VULHUB",
        "id": "VHN-401716"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-40359",
        "trust": 3.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-840188",
        "trust": 1.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-315-03",
        "trust": 1.4
      },
      {
        "db": "JVN",
        "id": "JVNVU95671889",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014829",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3874",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-778",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-401716",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-401716"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014829"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-778"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40359"
      }
    ]
  },
  "id": "VAR-202111-0483",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-401716"
      }
    ],
    "trust": 0.7692150624999999
  },
  "last_update_date": "2024-11-23T19:30:18.953000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-840188",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf"
      },
      {
        "title": "Siemens SIMATIC PCS 7  and SIMATIC WinCC Repair measures for path traversal vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=169660"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014829"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-778"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.1
      },
      {
        "problemtype": "Path traversal (CWE-22) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-401716"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014829"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40359"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu95671889/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40359"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-03"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-multiple-vulnerabilities-via-wincc-36835"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3874"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-315-03"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-401716"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014829"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-778"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40359"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-401716"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014829"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-778"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40359"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-11-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-401716"
      },
      {
        "date": "2022-10-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-014829"
      },
      {
        "date": "2021-11-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202111-778"
      },
      {
        "date": "2021-11-09T12:15:09.987000",
        "db": "NVD",
        "id": "CVE-2021-40359"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-07-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-401716"
      },
      {
        "date": "2022-10-28T06:55:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-014829"
      },
      {
        "date": "2023-04-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202111-778"
      },
      {
        "date": "2024-11-21T06:23:56.917000",
        "db": "NVD",
        "id": "CVE-2021-40359"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-778"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Path traversal vulnerability in multiple Siemens products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-014829"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "path traversal",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202111-778"
      }
    ],
    "trust": 0.6
  }
}

var-201206-0071
Vulnerability from variot

Multiple cross-site scripting (XSS) vulnerabilities in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 allow remote attackers to inject arbitrary web script or HTML via vectors involving special characters in parameters. WinCC flexible is a human-machine interface for use in some machine or process applications. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible.

The vulnerability is caused due to an input sanitisation error within the DiagAgent web server and can be exploited to cause a buffer overflow and crash the DiagAgent.

Successful exploitation requires the DiagAgent web server to be enabled (disabled by default). ----------------------------------------------------------------------

Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch


TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA49341

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49341/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49341

RELEASE DATE: 2012-06-07

DISCUSS ADVISORY: http://secunia.com/advisories/49341/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/49341/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=49341

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: A weakness and some vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious users to disclose potentially sensitive information and system information and manipulate certain data and by malicious people to conduct spoofing and cross-site scripting attacks.

1) Certain input passed via URL parameters to two unspecified web applications is not properly sanitised before being used to construct a XPath query for XML data. This can be exploited to manipulate XPath queries by injecting arbitrary XPath code and e.g. read or write certain system settings.

2) Certain input passed via a filename to two unspecified web applications is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences.

3) Certain input passed to two unspecified web applications is not properly sanitised before being returned to the user.

4) Certain input is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain.

The weakness and the vulnerabilities are reported in version 7.0 SP3.

SOLUTION: Apply "Update 2" (please see the vendor's advisory for details).

PROVIDED AND/OR DISCOVERED BY: 1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, and Andrey Medov, Positive Technologies. 4) Reported by the vendor.

ORIGINAL ADVISORY: Siemens: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf

ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201206-0071",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "wincc sp3",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "update 2"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.0 sp3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "7.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4cebbde-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3211"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002658"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-084"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2595"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002658"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, Andrey Medov and Siemens",
    "sources": [
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-084"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2012-2595",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2012-2595",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "c4cebbde-2353-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-55876",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2012-2595",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2012-2595",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201206-084",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "c4cebbde-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-55876",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4cebbde-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55876"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002658"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-084"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2595"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple cross-site scripting (XSS) vulnerabilities in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 allow remote attackers to inject arbitrary web script or HTML via vectors involving special characters in parameters. WinCC flexible is a human-machine interface for use in some machine or process applications. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible. \n\nThe vulnerability is caused due to an input sanitisation error within\nthe DiagAgent web server and can be exploited to cause a buffer\noverflow and crash the DiagAgent. \n\nSuccessful exploitation requires the DiagAgent web server to be\nenabled (disabled by default). ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49341\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49341/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nRELEASE DATE:\n2012-06-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49341/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49341/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA weakness and some vulnerabilities have been reported in Siemens\nSIMATIC WinCC, which can be exploited by malicious users to disclose\npotentially sensitive information and system information and\nmanipulate certain data and by malicious people to conduct spoofing\nand cross-site scripting attacks. \n\n1) Certain input passed via URL parameters to two unspecified web\napplications is not properly sanitised before being used to construct\na XPath query for XML data. This can be exploited to manipulate XPath\nqueries by injecting arbitrary XPath code and e.g. read or write\ncertain system settings. \n\n2) Certain input passed via a filename to two unspecified web\napplications is not properly verified before being used to display\nfiles. This can be exploited to disclose the contents of arbitrary\nfiles via directory traversal sequences. \n\n3) Certain input passed to two unspecified web applications is not\nproperly sanitised before being returned to the user. \n\n4) Certain input is not properly verified before being used to\nredirect users. This can be exploited to redirect a user to an\narbitrary website e.g. when a user clicks a specially crafted link to\nthe affected script hosted on a trusted domain. \n\nThe weakness and the vulnerabilities are reported in version 7.0 SP3. \n\nSOLUTION:\nApply \"Update 2\" (please see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\n1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey\nScherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis\nBaranov, and Andrey Medov, Positive Technologies. \n4) Reported by the vendor. \n\nORIGINAL ADVISORY:\nSiemens:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf\n\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-2595"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002658"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3211"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "IVD",
        "id": "c4cebbde-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55876"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      }
    ],
    "trust": 2.88
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-2595",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-158-01",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-223158",
        "trust": 1.9
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-084",
        "trust": 0.9
      },
      {
        "db": "BID",
        "id": "53837",
        "trust": 0.9
      },
      {
        "db": "SECUNIA",
        "id": "49341",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3211",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002658",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "19751",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "49359",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "C4CEBBDE-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-55876",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "113374",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "113371",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4cebbde-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3211"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55876"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002658"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-084"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2595"
      }
    ]
  },
  "id": "VAR-201206-0071",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "c4cebbde-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3211"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55876"
      }
    ],
    "trust": 1.6009954333333334
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c4cebbde-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3211"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:02:40.611000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-223158: Multiple Vulnerabilities in WinCC 7.0 SP3",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens WinCC Cross-Site Scripting Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/18131"
      },
      {
        "title": "Update 2 for WinCC V7.0 SP3 und WinCC V7.0 SP3 ASIA",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43310"
      },
      {
        "title": "Update 2 for WinCC V7.0 SP3 und WinCC V7.0 SP3 ASIA",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43309"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3211"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002658"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-084"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-79",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-55876"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002658"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2595"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.6,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-158-01.pdf"
      },
      {
        "trust": 1.9,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2595"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2595"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/49341"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/53837"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/19751"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/pages/default.aspx"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/psi_30_beta_launch"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49359/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49359/#comments"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49359"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49341/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49341/#comments"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-3211"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55876"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002658"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-084"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2595"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "c4cebbde-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3211"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55876"
      },
      {
        "db": "BID",
        "id": "53837"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002658"
      },
      {
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-084"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2595"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-06-19T00:00:00",
        "db": "IVD",
        "id": "c4cebbde-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-06-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-3211"
      },
      {
        "date": "2012-06-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-55876"
      },
      {
        "date": "2012-06-06T00:00:00",
        "db": "BID",
        "id": "53837"
      },
      {
        "date": "2012-06-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-002658"
      },
      {
        "date": "2012-06-08T07:05:53",
        "db": "PACKETSTORM",
        "id": "113374"
      },
      {
        "date": "2012-06-08T07:05:43",
        "db": "PACKETSTORM",
        "id": "113371"
      },
      {
        "date": "2012-06-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201206-084"
      },
      {
        "date": "2012-06-08T18:55:02.173000",
        "db": "NVD",
        "id": "CVE-2012-2595"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-06-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-3211"
      },
      {
        "date": "2012-06-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-55876"
      },
      {
        "date": "2012-06-06T00:00:00",
        "db": "BID",
        "id": "53837"
      },
      {
        "date": "2012-06-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-002658"
      },
      {
        "date": "2012-06-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201206-084"
      },
      {
        "date": "2024-11-21T01:39:17",
        "db": "NVD",
        "id": "CVE-2012-2595"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-084"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens WinCC Cross-Site Scripting Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "c4cebbde-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3211"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-084"
      }
    ],
    "trust": 1.4
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "XSS",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-084"
      }
    ],
    "trust": 0.6
  }
}

var-201202-0162
Vulnerability from variot

Stack-based buffer overflow in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to execute arbitrary code via vectors related to Unicode strings. Miniweb has a security vulnerability that allows an attacker to submit a specially crafted HTTP POST request to allow the server to access any illegal memory area while checking the extension of the requested file. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. HmiLoad has multiple security vulnerabilities that allow an attacker to stop a service or crash a service in multiple ways. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. When the transfer mode is enabled, the runtime loader listens on the 2308/TCP or 50523/TCP port. Without the correct data segment length and Unicode string, a stack overflow can be triggered, causing arbitrary code execution. A directory traversal vulnerability exists in the HmiLoad server that allows reading, writing, and deleting arbitrary files outside of the specified directory. Attackers can exploit these issues to execute arbitrary code in the context of the affected application, read/write or delete arbitrary files outside of the server root directory, or cause denial-of-service conditions; other attacks may also be possible

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201202-0162",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc flexible runtime",
        "scope": null,
        "trust": 3.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc flexible sp2",
        "scope": "eq",
        "trust": 3.3,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "mp"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "op"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "tp"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "comfort_panels"
      },
      {
        "model": "wincc runtime advanced",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "mobile_panels"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc flexible sp2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2008*"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "wincc flexible runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "comfort panels"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "mobile panels"
      },
      {
        "model": "simatic wincc flexible rumtime",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi panels",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc flexible sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2004"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2005"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2007"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2008"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "v11"
      },
      {
        "model": "comfort panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mobile panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "op",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "tp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc runtime advanced",
        "version": "v11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible runtime",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "61050c40-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "5e37bfa8-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9fe8f34a-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "28c3f672-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9c31ed38-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9ef7b7be-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0465"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "BID",
        "id": "50828"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001317"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-090"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4875"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_hmi_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible_runtime",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001317"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Luigi Auriemma",
    "sources": [
      {
        "db": "BID",
        "id": "50828"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2011-4875",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2011-4875",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "61050c40-1f7d-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "5e37bfa8-1f7d-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "9fe8f34a-1f7d-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "28c3f672-2354-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "9c31ed38-1f7d-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "9ef7b7be-1f7d-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-52820",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2011-4875",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2011-4875",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201202-090",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "61050c40-1f7d-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "5e37bfa8-1f7d-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "9fe8f34a-1f7d-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "28c3f672-2354-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "9c31ed38-1f7d-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "9ef7b7be-1f7d-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-52820",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "61050c40-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "5e37bfa8-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9fe8f34a-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "28c3f672-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9c31ed38-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9ef7b7be-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52820"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001317"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-090"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4875"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Stack-based buffer overflow in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to execute arbitrary code via vectors related to Unicode strings. Miniweb has a security vulnerability that allows an attacker to submit a specially crafted HTTP POST request to allow the server to access any illegal memory area while checking the extension of the requested file. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. HmiLoad has multiple security vulnerabilities that allow an attacker to stop a service or crash a service in multiple ways. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. When the transfer mode is enabled, the runtime loader listens on the 2308/TCP or 50523/TCP port. Without the correct data segment length and Unicode string, a stack overflow can be triggered, causing arbitrary code execution. A directory traversal vulnerability exists in the HmiLoad server that allows reading, writing, and deleting arbitrary files outside of the specified directory. \nAttackers can exploit these issues to execute arbitrary code in the context of the affected application, read/write or delete arbitrary files outside of the server root directory, or cause denial-of-service conditions; other attacks may also be possible",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-4875"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001317"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0465"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "BID",
        "id": "50828"
      },
      {
        "db": "IVD",
        "id": "61050c40-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "5e37bfa8-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9fe8f34a-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "28c3f672-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9c31ed38-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9ef7b7be-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52820"
      }
    ],
    "trust": 6.3
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-52820",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52820"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-4875",
        "trust": 4.6
      },
      {
        "db": "BID",
        "id": "50828",
        "trust": 3.9
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01",
        "trust": 3.4
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-090",
        "trust": 1.9
      },
      {
        "db": "SIEMENS",
        "id": "SSA-345442",
        "trust": 1.7
      },
      {
        "db": "ICS CERT ALERT",
        "id": "ICS-ALERT-11-332-02A",
        "trust": 1.1
      },
      {
        "db": "ICS CERT ALERT",
        "id": "ICS-ALERT-11-332-02",
        "trust": 1.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "18166",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "77380",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0465",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001317",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-480",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01A",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "61050C40-1F7D-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "5E37BFA8-1F7D-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "9FE8F34A-1F7D-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "28C3F672-2354-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "9C31ED38-1F7D-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "9EF7B7BE-1F7D-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-72366",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-52820",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "61050c40-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "5e37bfa8-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9fe8f34a-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "28c3f672-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9c31ed38-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9ef7b7be-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0465"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52820"
      },
      {
        "db": "BID",
        "id": "50828"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001317"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-090"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4875"
      }
    ]
  },
  "id": "VAR-201202-0162",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "61050c40-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "5e37bfa8-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9fe8f34a-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "28c3f672-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9c31ed38-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9ef7b7be-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0465"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52820"
      }
    ],
    "trust": 5.568457485714286
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 4.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "61050c40-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "5e37bfa8-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9fe8f34a-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "28c3f672-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9c31ed38-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9ef7b7be-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0465"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:46:29.616000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-345442",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "title": "\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC Flexible Runtime \u0027HmiLoad.exe\u0027 file download vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/72694"
      },
      {
        "title": "Siemens SIMATIC WinCC Flexible Runtime \u0027HmiLoad.exe\u0027 memory access vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/72697"
      },
      {
        "title": "Siemens SIMATIC WinCC Flexible Runtime \u0027HmiLoad.exe\u0027 Buffer Overflow Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/72705"
      },
      {
        "title": "Siemens SIMATIC WinCC Flexible Runtime \u0027HmiLoad.exe\u0027 service crash vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/72689"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC HMI String Stack Overflow Vulnerability (CNVD-2012-0465)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/9071"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0465"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001317"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52820"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001317"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4875"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.9,
        "url": "http://aluigi.altervista.org/adv/winccflex_1-adv.txt"
      },
      {
        "trust": 3.4,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.exploit-db.com/exploits/18166"
      },
      {
        "trust": 1.1,
        "url": "http://aluigi.org/adv/winccflex_1-adv.txt"
      },
      {
        "trust": 1.1,
        "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-332-02.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-332-02a.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.osvdb.org/77380"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71449"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4875"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4875"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/50828"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/pages/default.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01a.pdf"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0465"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52820"
      },
      {
        "db": "BID",
        "id": "50828"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001317"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-090"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4875"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "61050c40-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "5e37bfa8-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9fe8f34a-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "28c3f672-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9c31ed38-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9ef7b7be-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0465"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52820"
      },
      {
        "db": "BID",
        "id": "50828"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001317"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-090"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4875"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-12-05T00:00:00",
        "db": "IVD",
        "id": "61050c40-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "IVD",
        "id": "5e37bfa8-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "IVD",
        "id": "9fe8f34a-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "IVD",
        "id": "28c3f672-2354-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "IVD",
        "id": "9c31ed38-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "IVD",
        "id": "9ef7b7be-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0465"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "date": "2012-02-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52820"
      },
      {
        "date": "2011-11-28T00:00:00",
        "db": "BID",
        "id": "50828"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001317"
      },
      {
        "date": "1900-01-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-090"
      },
      {
        "date": "2012-02-03T20:55:01.907000",
        "db": "NVD",
        "id": "CVE-2011-4875"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-03-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "date": "2016-03-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "date": "2016-03-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "date": "2016-03-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0465"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "date": "2017-08-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52820"
      },
      {
        "date": "2012-04-18T21:20:00",
        "db": "BID",
        "id": "50828"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001317"
      },
      {
        "date": "2011-11-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-090"
      },
      {
        "date": "2024-11-21T01:33:10.353000",
        "db": "NVD",
        "id": "CVE-2011-4875"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-090"
      }
    ],
    "trust": 1.2
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC Flexible Runtime \u0027HmiLoad.exe\u0027 Buffer Overflow Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "61050c40-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "61050c40-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "5e37bfa8-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9fe8f34a-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "28c3f672-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9c31ed38-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "9ef7b7be-1f7d-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-090"
      }
    ],
    "trust": 1.8
  }
}

var-201711-1076
Vulnerability from variot

An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The improper input validation vulnerability has been identified, which may allow an authenticated remote attacker who is a member of the administrators group to crash services by sending specially crafted messages to the DCOM interface. SIMATIC PCS 7 is a set of distributed process control systems using WinCC from Siemens AG, Germany. Siemens SIMATIC PCS 7 is prone to a denial-of-service vulnerability. Remote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201711-1076",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pcs sp1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.1\u003cv8.1"
      },
      {
        "model": "simatic pcs upd",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v7.313"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.2"
      },
      {
        "model": "simatic wincc update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.313"
      },
      {
        "model": "simatic pcs7 sp1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic pcs siemens simatic pcs upd 13siemens simatic pcs",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "siemens",
        "version": "7v8.17v7.37v8.2"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32563"
      },
      {
        "db": "BID",
        "id": "101680"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009948"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1252"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-14023"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009948"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sergey Temnikov and Vladimir Dashchenko of Kaspersky Labs.",
    "sources": [
      {
        "db": "BID",
        "id": "101680"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-14023",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.0,
            "id": "CVE-2017-14023",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-32563",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.0,
            "id": "VHN-104704",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 1.2,
            "id": "CVE-2017-14023",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 4.9,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2017-14023",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "High",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-14023",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-14023",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-32563",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201708-1252",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-104704",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32563"
      },
      {
        "db": "VULHUB",
        "id": "VHN-104704"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009948"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1252"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-14023"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The improper input validation vulnerability has been identified, which may allow an authenticated remote attacker who is a member of the administrators group to crash services by sending specially crafted messages to the DCOM interface. SIMATIC PCS 7 is a set of distributed process control systems using WinCC from Siemens AG, Germany. Siemens SIMATIC PCS 7 is prone to a denial-of-service vulnerability. \nRemote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-14023"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009948"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32563"
      },
      {
        "db": "BID",
        "id": "101680"
      },
      {
        "db": "IVD",
        "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12"
      },
      {
        "db": "VULHUB",
        "id": "VHN-104704"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-14023",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-306-01",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "101680",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1039729",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1252",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32563",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009948",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "0FE3415C-AF39-4C5B-A5D8-06FF8B01DB12",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-104704",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32563"
      },
      {
        "db": "VULHUB",
        "id": "VHN-104704"
      },
      {
        "db": "BID",
        "id": "101680"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009948"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1252"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-14023"
      }
    ]
  },
  "id": "VAR-201711-1076",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32563"
      },
      {
        "db": "VULHUB",
        "id": "VHN-104704"
      }
    ],
    "trust": 1.5482599333333333
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32563"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:07:25.748000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-523365",
        "trust": 0.8,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-523365.pdf"
      },
      {
        "title": "Siemens SIMATIC PCS 7 patch for denial of service vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/105313"
      },
      {
        "title": "Siemens SIMATIC PCS Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=100013"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-32563"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009948"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1252"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-104704"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009948"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-14023"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.4,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-306-01"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/101680"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id/1039729"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14023"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14023"
      },
      {
        "trust": 0.3,
        "url": "http://www.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-32563"
      },
      {
        "db": "VULHUB",
        "id": "VHN-104704"
      },
      {
        "db": "BID",
        "id": "101680"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009948"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1252"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-14023"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32563"
      },
      {
        "db": "VULHUB",
        "id": "VHN-104704"
      },
      {
        "db": "BID",
        "id": "101680"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009948"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1252"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-14023"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-11-03T00:00:00",
        "db": "IVD",
        "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12"
      },
      {
        "date": "2017-11-03T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-32563"
      },
      {
        "date": "2017-11-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-104704"
      },
      {
        "date": "2017-11-02T00:00:00",
        "db": "BID",
        "id": "101680"
      },
      {
        "date": "2017-11-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-009948"
      },
      {
        "date": "2017-08-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201708-1252"
      },
      {
        "date": "2017-11-06T22:29:00.270000",
        "db": "NVD",
        "id": "CVE-2017-14023"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-11-03T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-32563"
      },
      {
        "date": "2021-11-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-104704"
      },
      {
        "date": "2017-12-19T22:00:00",
        "db": "BID",
        "id": "101680"
      },
      {
        "date": "2017-11-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-009948"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201708-1252"
      },
      {
        "date": "2024-11-21T03:11:58.977000",
        "db": "NVD",
        "id": "CVE-2017-14023"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1252"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC PCS 7 Denial of service vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-32563"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation error",
    "sources": [
      {
        "db": "IVD",
        "id": "0fe3415c-af39-4c5b-a5d8-06ff8b01db12"
      },
      {
        "db": "BID",
        "id": "101680"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201708-1252"
      }
    ],
    "trust": 1.1
  }
}

var-201812-0345
Vulnerability from variot

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V14), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V14), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V14), SIMATIC WinCC Runtime Advanced (All versions < V14), SIMATIC WinCC Runtime Professional (All versions < V14), SIMATIC WinCC (TIA Portal) (All versions < V14), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server (port 80/tcp and port 443/tcp) of the affected devices could allow an attacker to inject HTTP headers. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC Panels and SIMATIC WinCC (TIA Portal) are products of Siemens AG, Germany. Siemens SIMATIC Panels is a human interface panel. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. A code injection vulnerability exists in Siemens SIMATIC Panels and SIMATIC WinCC (TIA Portal), which can be exploited by an attacker to inject HTTP headers with malicious links. Multiple Siemens Products are prone to an HTTP header-injection vulnerability because it fails to sufficiently sanitize user input. This may aid in further attacks

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201812-0345",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic hmi mp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi op",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic wincc \\",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic wincc runtime",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic hmi tp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi comfort panels 4\" 22\"",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "-\u003c14"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\\\" and 15\\\"",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic hmi ktp mobile panels",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "simatic wincc runtime",
        "version": "*"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v120"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v110"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v10"
      },
      {
        "model": "simatic hmi ktp mobile panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "22"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi classic devices",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v14"
      },
      {
        "model": "simatic wincc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v14"
      },
      {
        "model": "simatic hmi ktp mobile panels update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi comfort panels",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi mp",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi op",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi comfort outdoor panels",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi ktp mobile panels ktp400f",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi ktp mobile panels ktp700",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi ktp mobile panels ktp700f",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi ktp mobile panels ktp900",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi ktp mobile panels ktp900f",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi tp",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d80ae62-463f-11e9-b905-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25432"
      },
      {
        "db": "BID",
        "id": "105931"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014527"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13814"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_outdoor_panels_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014527"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "105931"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-13814",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2018-13814",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-25432",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "7d80ae62-463f-11e9-b905-000c29342cb1",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-123911",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2018-13814",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-13814",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-13814",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-25432",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201811-488",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "7d80ae62-463f-11e9-b905-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-123911",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d80ae62-463f-11e9-b905-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25432"
      },
      {
        "db": "VULHUB",
        "id": "VHN-123911"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014527"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-488"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13814"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V14), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V14), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V14), SIMATIC WinCC Runtime Advanced (All versions \u003c V14), SIMATIC WinCC Runtime Professional (All versions \u003c V14), SIMATIC WinCC (TIA Portal) (All versions \u003c V14), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server (port 80/tcp and port 443/tcp) of the affected devices could allow an attacker to inject HTTP headers. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC Panels and SIMATIC WinCC (TIA Portal) are products of Siemens AG, Germany. Siemens SIMATIC Panels is a human interface panel. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. A code injection vulnerability exists in Siemens SIMATIC Panels and SIMATIC WinCC (TIA Portal), which can be exploited by an attacker to inject HTTP headers with malicious links. Multiple Siemens Products are prone to an HTTP header-injection vulnerability because it fails to sufficiently sanitize user input. This may aid in further attacks",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-13814"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014527"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25432"
      },
      {
        "db": "BID",
        "id": "105931"
      },
      {
        "db": "IVD",
        "id": "7d80ae62-463f-11e9-b905-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-123911"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-13814",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-317-03",
        "trust": 2.3
      },
      {
        "db": "BID",
        "id": "105931",
        "trust": 2.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-944083",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-488",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25432",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014527",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "7D80AE62-463F-11E9-B905-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-98853",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-123911",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d80ae62-463f-11e9-b905-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25432"
      },
      {
        "db": "VULHUB",
        "id": "VHN-123911"
      },
      {
        "db": "BID",
        "id": "105931"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014527"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-488"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13814"
      }
    ]
  },
  "id": "VAR-201812-0345",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "7d80ae62-463f-11e9-b905-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25432"
      },
      {
        "db": "VULHUB",
        "id": "VHN-123911"
      }
    ],
    "trust": 1.53959078625
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d80ae62-463f-11e9-b905-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25432"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:34:04.145000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-944083",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944083.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC Panels and SIMATIC WinCC code injection vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/147353"
      },
      {
        "title": "Siemens SIMATIC Panels  and SIMATIC WinCC Fixes for code injection vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86889"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-25432"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014527"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-488"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-113",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-123911"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014527"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13814"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-317-03"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/105931"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944083.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13814"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-13814"
      },
      {
        "trust": 0.3,
        "url": "http://subscriber.communications.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-25432"
      },
      {
        "db": "VULHUB",
        "id": "VHN-123911"
      },
      {
        "db": "BID",
        "id": "105931"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014527"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-488"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13814"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "7d80ae62-463f-11e9-b905-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-25432"
      },
      {
        "db": "VULHUB",
        "id": "VHN-123911"
      },
      {
        "db": "BID",
        "id": "105931"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014527"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-488"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13814"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-12-14T00:00:00",
        "db": "IVD",
        "id": "7d80ae62-463f-11e9-b905-000c29342cb1"
      },
      {
        "date": "2018-12-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-25432"
      },
      {
        "date": "2018-12-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-123911"
      },
      {
        "date": "2018-11-13T00:00:00",
        "db": "BID",
        "id": "105931"
      },
      {
        "date": "2019-03-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-014527"
      },
      {
        "date": "2018-11-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201811-488"
      },
      {
        "date": "2018-12-13T16:29:00.350000",
        "db": "NVD",
        "id": "CVE-2018-13814"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-12-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-25432"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-123911"
      },
      {
        "date": "2018-11-13T00:00:00",
        "db": "BID",
        "id": "105931"
      },
      {
        "date": "2019-03-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-014527"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201811-488"
      },
      {
        "date": "2024-11-21T03:48:07.560000",
        "db": "NVD",
        "id": "CVE-2018-13814"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-488"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC Panels and SIMATIC WinCC code injection vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-25432"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-488"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation error",
    "sources": [
      {
        "db": "IVD",
        "id": "7d80ae62-463f-11e9-b905-000c29342cb1"
      },
      {
        "db": "BID",
        "id": "105931"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-488"
      }
    ],
    "trust": 1.1
  }
}

var-201202-0049
Vulnerability from variot

The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not perform authentication, which makes it easier for remote attackers to obtain access via a TCP session. plural Siemens Product TELNET Since the daemon does not authenticate, there is a vulnerability that allows easy access.By a third party TCP Access can easily be gained through a session. Siemens SIMATIC is an automation software in a single engineering environment. SIMATIC panels include the Telnet daemon by default, but the daemon does not implement any validation features. A vulnerability exists in several versions of Siemens SIMATIC WinCC due to the failure of the TELNET daemon to perform authentication. A remote attacker could use this vulnerability to gain access through a TCP session

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201202-0049",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "mp"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "op"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "tp"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "comfort_panels"
      },
      {
        "model": "wincc runtime advanced",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "mobile_panels"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "wincc flexible runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "comfort panels"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "mobile panels"
      },
      {
        "model": "simatic wincc flexible rumtime",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi panels",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2004"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2005"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2007"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2008"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "v11"
      },
      {
        "model": "comfort panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mobile panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "op",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "tp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc runtime advanced",
        "version": "v11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible runtime",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28d0ca64-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0464"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001316"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-089"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4514"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_hmi_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible_runtime",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001316"
      }
    ]
  },
  "cve": "CVE-2011-4514",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2011-4514",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "28d0ca64-2354-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-52459",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2011-4514",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2011-4514",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201202-089",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "28d0ca64-2354-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-52459",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28d0ca64-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52459"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001316"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-089"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4514"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not perform authentication, which makes it easier for remote attackers to obtain access via a TCP session. plural Siemens Product TELNET Since the daemon does not authenticate, there is a vulnerability that allows easy access.By a third party TCP Access can easily be gained through a session. Siemens SIMATIC is an automation software in a single engineering environment. SIMATIC panels include the Telnet daemon by default, but the daemon does not implement any validation features. A vulnerability exists in several versions of Siemens SIMATIC WinCC due to the failure of the TELNET daemon to perform authentication. A remote attacker could use this vulnerability to gain access through a TCP session",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-4514"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001316"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0464"
      },
      {
        "db": "IVD",
        "id": "28d0ca64-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52459"
      }
    ],
    "trust": 2.43
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-4514",
        "trust": 3.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01",
        "trust": 3.1
      },
      {
        "db": "SIEMENS",
        "id": "SSA-345442",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-089",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0464",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001316",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "28D0CA64-2354-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-52459",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28d0ca64-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0464"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52459"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001316"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-089"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4514"
      }
    ]
  },
  "id": "VAR-201202-0049",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "28d0ca64-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0464"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52459"
      }
    ],
    "trust": 1.5153960400000002
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28d0ca64-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0464"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:46:29.740000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-345442",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "title": "\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC HMI Telnet Vulnerability (CNVD-2012-0464)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/9062"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-0464"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001316"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-287",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52459"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001316"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4514"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.1,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4514"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4514"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-0464"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52459"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001316"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-089"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4514"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "28d0ca64-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0464"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52459"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001316"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-089"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4514"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-02-07T00:00:00",
        "db": "IVD",
        "id": "28d0ca64-2354-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0464"
      },
      {
        "date": "2012-02-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52459"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001316"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-089"
      },
      {
        "date": "2012-02-03T20:55:01.577000",
        "db": "NVD",
        "id": "CVE-2011-4514"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0464"
      },
      {
        "date": "2012-02-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52459"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001316"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-089"
      },
      {
        "date": "2024-11-21T01:32:27.483000",
        "db": "NVD",
        "id": "CVE-2011-4514"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-089"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens Product  TELNET Access vulnerability in daemon",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001316"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-089"
      }
    ],
    "trust": 0.6
  }
}

var-201607-0466
Vulnerability from variot

Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote attackers to read arbitrary WinCC station files via crafted packets. The SIMATIC WinCC (Windows Control Center) window control center is Siemens' process monitoring system, providing complete monitoring and data acquisition (SCADA) functions for the industrial sector. The SIMATIC WinCC presence file contains a vulnerability. Successful exploits may allow an attacker to read arbitrary files in the context of the user running the affected application. This may aid in further attacks. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). A security vulnerability exists in Siemens SIMATIC WinCC versions 7.0 to SP3 and 7.2

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201607-0466",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 3.3,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 2.5,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "simatic wincc",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.0 sp3 for up to  7.0"
      },
      {
        "model": "simatic wincc update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.41"
      },
      {
        "model": "simatic wincc update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.310"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.2"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-05345"
      },
      {
        "db": "BID",
        "id": "92116"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004096"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-905"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5744"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004096"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sergey Temnikov and Vladimir Dashchenko, Critical Infrastructure Defence\nTeam, Kaspersky Lab.",
    "sources": [
      {
        "db": "BID",
        "id": "92116"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-5744",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2016-5744",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2016-05345",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "c953b84a-1100-47f7-a149-3e8bdff937c4",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-94563",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2016-5744",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2016-5744",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2016-5744",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2016-05345",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201607-905",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "c953b84a-1100-47f7-a149-3e8bdff937c4",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-94563",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-05345"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94563"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004096"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-905"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5744"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote attackers to read arbitrary WinCC station files via crafted packets. The SIMATIC WinCC (Windows Control Center) window control center is Siemens\u0027 process monitoring system, providing complete monitoring and data acquisition (SCADA) functions for the industrial sector. The SIMATIC WinCC presence file contains a vulnerability. \nSuccessful exploits may allow an attacker to read arbitrary files in the context of the user running the affected application. This may aid in further attacks. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). A security vulnerability exists in Siemens SIMATIC WinCC versions 7.0 to SP3 and 7.2",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-5744"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004096"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-05345"
      },
      {
        "db": "BID",
        "id": "92116"
      },
      {
        "db": "IVD",
        "id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94563"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-5744",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-378531",
        "trust": 2.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-16-208-01",
        "trust": 2.2
      },
      {
        "db": "BID",
        "id": "92116",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1036441",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-905",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-05345",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004096",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "C953B84A-1100-47F7-A149-3E8BDFF937C4",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-94563",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-05345"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94563"
      },
      {
        "db": "BID",
        "id": "92116"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004096"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-905"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5744"
      }
    ]
  },
  "id": "VAR-201607-0466",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-05345"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94563"
      }
    ],
    "trust": 1.5582639500000002
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-05345"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:54:30.290000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-378531",
        "trust": 0.8,
        "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf"
      },
      {
        "title": "The SIMATIC WinCC presence file contains a patch for the vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/79587"
      },
      {
        "title": "Siemens SIMATIC WinCC Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63265"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-05345"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004096"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-905"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-94563"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004096"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5744"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf"
      },
      {
        "trust": 2.2,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-208-01"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/92116"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1036441"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5744"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5744"
      },
      {
        "trust": 0.3,
        "url": "http://subscriber.communications.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-05345"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94563"
      },
      {
        "db": "BID",
        "id": "92116"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004096"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-905"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5744"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-05345"
      },
      {
        "db": "VULHUB",
        "id": "VHN-94563"
      },
      {
        "db": "BID",
        "id": "92116"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004096"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-905"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-5744"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-07-25T00:00:00",
        "db": "IVD",
        "id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
      },
      {
        "date": "2016-07-25T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-05345"
      },
      {
        "date": "2016-07-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-94563"
      },
      {
        "date": "2016-07-25T00:00:00",
        "db": "BID",
        "id": "92116"
      },
      {
        "date": "2016-08-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-004096"
      },
      {
        "date": "2016-07-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201607-905"
      },
      {
        "date": "2016-07-22T15:59:01.397000",
        "db": "NVD",
        "id": "CVE-2016-5744"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-07-25T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-05345"
      },
      {
        "date": "2016-11-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-94563"
      },
      {
        "date": "2016-07-25T00:00:00",
        "db": "BID",
        "id": "92116"
      },
      {
        "date": "2016-08-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-004096"
      },
      {
        "date": "2016-07-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201607-905"
      },
      {
        "date": "2024-11-21T02:54:56.460000",
        "db": "NVD",
        "id": "CVE-2016-5744"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-905"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC In any  WinCC Vulnerability in reading station files",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004096"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-905"
      }
    ],
    "trust": 0.6
  }
}

var-201504-0234
Vulnerability from variot

Siemens SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2 and SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2 allow man-in-the-middle attackers to cause a denial of service via crafted packets on TCP port 102. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A port that can cause a denial of service attack. Multiple Siemens SIMATIC products are prone to a denial-of-service vulnerability. Remote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users. Siemens SIMATIC HMI Comfort Panels and SIMATIC WinCC Runtime Advanced are HMI software for controlling and monitoring machines and equipment from Siemens, Germany

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201504-0234",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "runtime advanced 13 sp1 upd2"
      },
      {
        "model": "simatic hmi comfort panels before wincc sp1 upd2",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime advanced sp1 upd2",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "13.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "984ee090-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "cda955ed-285a-41f6-a455-3a71c5e4729a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02292"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002125"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-096"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-2822"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/h:siemens:simatic_hmi_comfort_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002125"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Quarkslab team and Ilya Karpov from Positive Technologies.",
    "sources": [
      {
        "db": "BID",
        "id": "74028"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-2822",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2015-2822",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2015-02292",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "984ee090-2351-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "cda955ed-285a-41f6-a455-3a71c5e4729a",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-80783",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2015-2822",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2015-2822",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2015-02292",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201504-096",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "984ee090-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "cda955ed-285a-41f6-a455-3a71c5e4729a",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-80783",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "984ee090-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "cda955ed-285a-41f6-a455-3a71c5e4729a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02292"
      },
      {
        "db": "VULHUB",
        "id": "VHN-80783"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002125"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-096"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-2822"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2 and SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2 allow man-in-the-middle attackers to cause a denial of service via crafted packets on TCP port 102. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A port that can cause a denial of service attack. Multiple Siemens SIMATIC products are prone to a denial-of-service vulnerability. \nRemote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users. Siemens SIMATIC HMI Comfort Panels and SIMATIC WinCC Runtime Advanced are HMI software for controlling and monitoring machines and equipment from Siemens, Germany",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-2822"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002125"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02292"
      },
      {
        "db": "BID",
        "id": "74028"
      },
      {
        "db": "IVD",
        "id": "984ee090-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "cda955ed-285a-41f6-a455-3a71c5e4729a"
      },
      {
        "db": "VULHUB",
        "id": "VHN-80783"
      }
    ],
    "trust": 2.88
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-2822",
        "trust": 3.8
      },
      {
        "db": "BID",
        "id": "74028",
        "trust": 2.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-487246",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-096",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02292",
        "trust": 1.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-15-099-01",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002125",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "984EE090-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "CDA955ED-285A-41F6-A455-3A71C5E4729A",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-80783",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "984ee090-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "cda955ed-285a-41f6-a455-3a71c5e4729a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02292"
      },
      {
        "db": "VULHUB",
        "id": "VHN-80783"
      },
      {
        "db": "BID",
        "id": "74028"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002125"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-096"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-2822"
      }
    ]
  },
  "id": "VAR-201504-0234",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "984ee090-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "cda955ed-285a-41f6-a455-3a71c5e4729a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02292"
      },
      {
        "db": "VULHUB",
        "id": "VHN-80783"
      }
    ],
    "trust": 1.6778299
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "984ee090-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "cda955ed-285a-41f6-a455-3a71c5e4729a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02292"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:13:31.082000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-487246",
        "trust": 0.8,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC and SIMATIC WinCC HMI Comfort Panels denial of service vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/57131"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02292"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002125"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-80783"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002125"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-2822"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf"
      },
      {
        "trust": 1.4,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-2822"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/74028"
      },
      {
        "trust": 1.1,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2822"
      },
      {
        "trust": 0.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-15-099-01"
      },
      {
        "trust": 0.3,
        "url": "http://subscriber.communications.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02292"
      },
      {
        "db": "VULHUB",
        "id": "VHN-80783"
      },
      {
        "db": "BID",
        "id": "74028"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002125"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-096"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-2822"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "984ee090-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "cda955ed-285a-41f6-a455-3a71c5e4729a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02292"
      },
      {
        "db": "VULHUB",
        "id": "VHN-80783"
      },
      {
        "db": "BID",
        "id": "74028"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002125"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-096"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-2822"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-04-10T00:00:00",
        "db": "IVD",
        "id": "984ee090-2351-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2015-04-10T00:00:00",
        "db": "IVD",
        "id": "cda955ed-285a-41f6-a455-3a71c5e4729a"
      },
      {
        "date": "2015-04-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-02292"
      },
      {
        "date": "2015-04-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-80783"
      },
      {
        "date": "2015-04-09T00:00:00",
        "db": "BID",
        "id": "74028"
      },
      {
        "date": "2015-04-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-002125"
      },
      {
        "date": "2015-04-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201504-096"
      },
      {
        "date": "2015-04-08T16:59:00.067000",
        "db": "NVD",
        "id": "CVE-2015-2822"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-04-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-02292"
      },
      {
        "date": "2016-11-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-80783"
      },
      {
        "date": "2015-10-26T16:22:00",
        "db": "BID",
        "id": "74028"
      },
      {
        "date": "2015-04-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-002125"
      },
      {
        "date": "2015-04-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201504-096"
      },
      {
        "date": "2024-11-21T02:28:09.383000",
        "db": "NVD",
        "id": "CVE-2015-2822"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-096"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC HMI Comfort Panels and  SIMATIC WinCC Runtime Advanced Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002125"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation",
    "sources": [
      {
        "db": "IVD",
        "id": "984ee090-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "cda955ed-285a-41f6-a455-3a71c5e4729a"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-096"
      }
    ],
    "trust": 1.0
  }
}

var-202409-0257
Vulnerability from variot

A vulnerability has been identified in SIMATIC BATCH V9.1 (All versions), SIMATIC Information Server 2020 (All versions), SIMATIC Information Server 2022 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC06), SIMATIC Process Historian 2020 (All versions), SIMATIC Process Historian 2022 (All versions), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 5), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 3), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 18), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5). The affected products run their DB server with elevated privileges which could allow an authenticated attacker to execute arbitrary OS commands with administrative privileges. SIMATIC Information Server is used for reporting and visualization of process data stored in SIMATIC process Historian. SIMATIC Process Historian is a long-term archiving system for SIMATIC PCS 7, SIMATIC WinCC and SIMATIC PCS-neo. It stores process values, alarms and batch data of production plants in its database and provides historical process data for reporting and visualization applications. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Routing Control, OpenPCS 7 and other components. SIMATIC WinCC is a Supervisory Control and Data Acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visualization runtime platform for operator control and monitoring of machines and plants.

Siemens SIMATIC SCADA and PCS 7 systems have a remote code execution vulnerability

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202409-0257",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic process historian",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "2020"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v9.1"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v18"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v19"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.4"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v9.1"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.0\u003cv8.05"
      },
      {
        "model": "simatic information server",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic process historian",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "2022"
      },
      {
        "model": "simatic wincc sp2 update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.5\u003cv7.518"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-38013"
      }
    ]
  },
  "cve": "CVE-2024-35783",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2024-38013",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "productcert@siemens.com",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.3,
            "id": "CVE-2024-35783",
            "impactScore": 6.0,
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2024-35783",
            "trust": 1.0,
            "value": "Critical"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2024-38013",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-38013"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-35783"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC BATCH V9.1 (All versions), SIMATIC Information Server 2020 (All versions), SIMATIC Information Server 2022 (All versions), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP2 UC06), SIMATIC Process Historian 2020 (All versions), SIMATIC Process Historian 2022 (All versions), SIMATIC WinCC Runtime Professional V18 (All versions \u003c V18 Update 5), SIMATIC WinCC Runtime Professional V19 (All versions \u003c V19 Update 3), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 18), SIMATIC WinCC V8.0 (All versions \u003c V8.0 Update 5). The affected products run their DB server with elevated privileges which could allow an authenticated attacker to execute arbitrary OS commands with administrative privileges. SIMATIC Information Server is used for reporting and visualization of process data stored in SIMATIC process Historian. SIMATIC Process Historian is a long-term archiving system for SIMATIC PCS 7, SIMATIC WinCC and SIMATIC PCS-neo. It stores process values, alarms and batch data of production plants in its database and provides historical process data for reporting and visualization applications. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Routing Control, OpenPCS 7 and other components. SIMATIC WinCC is a Supervisory Control and Data Acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visualization runtime platform for operator control and monitoring of machines and plants. \n\nSiemens SIMATIC SCADA and PCS 7 systems have a remote code execution vulnerability",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2024-35783"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-38013"
      }
    ],
    "trust": 1.44
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "SIEMENS",
        "id": "SSA-629254",
        "trust": 1.6
      },
      {
        "db": "NVD",
        "id": "CVE-2024-35783",
        "trust": 1.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-38013",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-38013"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-35783"
      }
    ]
  },
  "id": "VAR-202409-0257",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-38013"
      }
    ],
    "trust": 1.3129292049999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-38013"
      }
    ]
  },
  "last_update_date": "2024-11-12T23:27:49.241000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Siemens SIMATIC SCADA and PCS 7 systems remote code execution vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/590336"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-38013"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-250",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2024-35783"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-629254.html"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-38013"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-35783"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-38013"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-35783"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-09-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-38013"
      },
      {
        "date": "2024-09-10T10:15:09.937000",
        "db": "NVD",
        "id": "CVE-2024-35783"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-09-12T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-38013"
      },
      {
        "date": "2024-11-12T13:15:07.830000",
        "db": "NVD",
        "id": "CVE-2024-35783"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC SCADA and PCS 7 systems remote code execution vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-38013"
      }
    ],
    "trust": 0.6
  }
}

var-201910-1748
Vulnerability from variot

Siemens SIMATIC is an automation software with a single engineering environment. WinCC supports the discovery and configuration of LAN device information using the PN-DCP protocol at the Ethernet layer.

A stack overflow vulnerability exists in the Siemens SIMATIC WinCC CcApEditAction.dll control. An attacker executes arbitrary code by constructing an input string, causing a stack overflow

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201910-1748",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "siemens",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "1d6620bd-a382-4695-acb6-c2980ead85ed"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36482"
      }
    ]
  },
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2019-36482",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "1d6620bd-a382-4695-acb6-c2980ead85ed",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "CNVD",
            "id": "CNVD-2019-36482",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "1d6620bd-a382-4695-acb6-c2980ead85ed",
            "trust": 0.2,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "1d6620bd-a382-4695-acb6-c2980ead85ed"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36482"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC is an automation software with a single engineering environment. WinCC supports the discovery and configuration of LAN device information using the PN-DCP protocol at the Ethernet layer. \n\r\n\r\nA stack overflow vulnerability exists in the Siemens SIMATIC WinCC CcApEditAction.dll control. An attacker executes arbitrary code by constructing an input string, causing a stack overflow",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36482"
      },
      {
        "db": "IVD",
        "id": "1d6620bd-a382-4695-acb6-c2980ead85ed"
      }
    ],
    "trust": 0.72
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36482",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "1D6620BD-A382-4695-ACB6-C2980EAD85ED",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "1d6620bd-a382-4695-acb6-c2980ead85ed"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36482"
      }
    ]
  },
  "id": "VAR-201910-1748",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "1d6620bd-a382-4695-acb6-c2980ead85ed"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36482"
      }
    ],
    "trust": 1.40849285
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "1d6620bd-a382-4695-acb6-c2980ead85ed"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36482"
      }
    ]
  },
  "last_update_date": "2022-05-17T01:45:06.908000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Binary Vulnerability in InitFunction of CcApEditAction.dll Control of SIMATIC WinCC",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/180599"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36482"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "1d6620bd-a382-4695-acb6-c2980ead85ed"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36482"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-22T00:00:00",
        "db": "IVD",
        "id": "1d6620bd-a382-4695-acb6-c2980ead85ed"
      },
      {
        "date": "2019-10-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-36482"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-01-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-36482"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Stack overflow vulnerability in Siemens SIMATIC WinCC CcApEditAction.dll control",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36482"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "1d6620bd-a382-4695-acb6-c2980ead85ed"
      }
    ],
    "trust": 0.2
  }
}

var-201812-0343
Vulnerability from variot

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V15 Update 4), SIMATIC WinCC Runtime Professional (All versions < V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions < V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). A directory traversal vulnerability could allow to download arbitrary files from the device. The security vulnerability could be exploited by an attacker with network access to the integrated web server. No user interaction and no authentication is required to exploit the vulnerability. The vulnerability impacts the confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains a path traversal vulnerability.Information may be obtained. Siemens SIMATIC Panels is prone to following security vulnerabilities: 1. An open-redirection vulnerability 2. A directory-traversal vulnerability Remote attackers may use a specially crafted request with directory-traversal sequences ('../') to retrieve arbitrary files from the affected system in the context of the application or by constructing a crafted URI and enticing a user to follow it and when an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site. are all HMI software used by Siemens in Germany to control and monitor machines and equipment

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201812-0343",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc runtime",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic hmi mp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi op",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic wincc \\",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic hmi tp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc runtime professional sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic wincc runtime professional sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime professional sp1 upd2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime professional sp update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1319"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc runtime advanced sp1 upd2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic wincc runtime advanced sp1 upd5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v135"
      },
      {
        "model": "simatic wincc sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v12"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v120"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v110"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v15"
      },
      {
        "model": "simatic wincc update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v136"
      },
      {
        "model": "simatic wincc sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v10"
      },
      {
        "model": "simatic hmi ktp mobile panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "22"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic hmi comfort panels sp1 upd2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic hmi comfort panels sp1 upd5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi classic devices",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc runtime professional update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": "simatic wincc runtime advanced update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": "simatic wincc update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": "simatic hmi ktp mobile panels update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": "simatic hmi comfort panels update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "154"
      },
      {
        "model": "simatic hmi comfort outdoor panels update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "154"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "105922"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014525"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13812"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_outdoor_panels_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014525"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Hosni Tounsi from Carthage Red Team",
    "sources": [
      {
        "db": "BID",
        "id": "105922"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-13812",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-13812",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-123909",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-13812",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-13812",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-13812",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201811-482",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-123909",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-123909"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014525"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-482"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13812"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Professional (All versions \u003c V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions \u003c V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). A directory traversal vulnerability could allow to download arbitrary files from the device. The security vulnerability could be exploited by an attacker with network access to the integrated web server. No user interaction and no authentication is required to exploit the vulnerability. The vulnerability impacts the confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains a path traversal vulnerability.Information may be obtained. Siemens SIMATIC Panels is prone to following security vulnerabilities:\n1. An open-redirection vulnerability\n2. A directory-traversal vulnerability\nRemote attackers may use a specially crafted request with  directory-traversal sequences (\u0027../\u0027) to retrieve arbitrary files from  the affected system in the context of the application or by constructing a crafted URI and enticing a user to follow it and when an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site. are all HMI software used by Siemens in Germany to control and monitor machines and equipment",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-13812"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014525"
      },
      {
        "db": "BID",
        "id": "105922"
      },
      {
        "db": "VULHUB",
        "id": "VHN-123909"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-13812",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "105922",
        "trust": 2.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-233109",
        "trust": 1.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-317-08",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014525",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-482",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-123909",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-123909"
      },
      {
        "db": "BID",
        "id": "105922"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014525"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-482"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13812"
      }
    ]
  },
  "id": "VAR-201812-0343",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-123909"
      }
    ],
    "trust": 0.7828699085714284
  },
  "last_update_date": "2024-11-23T22:17:14.886000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-233109",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf"
      },
      {
        "title": "Multiple Siemens Product path traversal vulnerability fixes",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86883"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014525"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-482"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-123909"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014525"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13812"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/105922"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-317-08"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13812"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-13812"
      },
      {
        "trust": 0.3,
        "url": "http://subscriber.communications.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-123909"
      },
      {
        "db": "BID",
        "id": "105922"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014525"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-482"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13812"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-123909"
      },
      {
        "db": "BID",
        "id": "105922"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014525"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-482"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13812"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-12-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-123909"
      },
      {
        "date": "2018-11-14T00:00:00",
        "db": "BID",
        "id": "105922"
      },
      {
        "date": "2019-03-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-014525"
      },
      {
        "date": "2018-11-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201811-482"
      },
      {
        "date": "2018-12-13T16:29:00.290000",
        "db": "NVD",
        "id": "CVE-2018-13812"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-123909"
      },
      {
        "date": "2018-11-14T00:00:00",
        "db": "BID",
        "id": "105922"
      },
      {
        "date": "2019-03-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-014525"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201811-482"
      },
      {
        "date": "2024-11-21T03:48:07.190000",
        "db": "NVD",
        "id": "CVE-2018-13812"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-482"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  SIMATIC Path traversal vulnerability in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014525"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "path traversal",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-482"
      }
    ],
    "trust": 0.6
  }
}

var-201209-0226
Vulnerability from variot

WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified methods in ActiveX controls. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. The attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. The attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications.

The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to perform certain unspecified actions when a logged-in administrative user visits a specially crafted web page. ----------------------------------------------------------------------

The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/


TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA50568

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50568

RELEASE DATE: 2012-09-11

DISCUSS ADVISORY: http://secunia.com/advisories/50568/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/50568/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=50568

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Multiple vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, and disclose certain sensitive information.

1) Certain unspecified input passed to the WebNavigator component is not properly sanitised before being returned to the user.

2) Certain input passed to the WebNavigator component is not properly verified before being used to read files. This can be exploited to read arbitrary files via directory traversal sequences.

3) Certain input passed via SOAP messages to the WebNavigator component is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

SOLUTION: Apply Update 3.

Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

PROVIDED AND/OR DISCOVERED BY: The vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive Technologies.

ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201209-0226",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "6.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "6.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.0 sp3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.x"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "77.x"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5e11d08e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5087"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004450"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-296"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3034"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004450"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Denis Baranov Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov,Timur Yunusov from Positive Technologies",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-296"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2012-3034",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2012-3034",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "5e11d08e-2353-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-56315",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2012-3034",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2012-3034",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201209-296",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "5e11d08e-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-56315",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2012-3034",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5e11d08e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56315"
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-3034"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004450"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-296"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3034"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified methods in ActiveX controls. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. \nThe attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. \nThe attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. \nAn attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nSiemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications. \n\nThe application allows users to perform certain actions via HTTP\nrequests without performing proper validity checks to verify the\nrequests. This can be exploited to perform certain unspecified\nactions when a logged-in administrative user visits a specially\ncrafted web page. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50568\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50568/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nRELEASE DATE:\n2012-09-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50568/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50568/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Siemens SIMATIC WinCC,\nwhich can be exploited by malicious people to conduct cross-site\nscripting attacks, conduct SQL injection attacks, and disclose\ncertain sensitive information. \n\n1) Certain unspecified input passed to the WebNavigator component is\nnot properly sanitised before being returned to the user. \n\n2) Certain input passed to the WebNavigator component is not properly\nverified before being used to read files. This can be exploited to\nread arbitrary files via directory traversal sequences. \n\n3) Certain input passed via SOAP messages to the WebNavigator\ncomponent is not properly sanitised before being used in SQL queries. \nThis can be exploited to manipulate SQL queries by injecting arbitrary\nSQL code. \n\nSOLUTION:\nApply Update 3. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin,\nVladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive\nTechnologies. \n\nORIGINAL ADVISORY:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-3034"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004450"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5087"
      },
      {
        "db": "BID",
        "id": "55492"
      },
      {
        "db": "IVD",
        "id": "5e11d08e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56315"
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-3034"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      }
    ],
    "trust": 2.97
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-3034",
        "trust": 3.7
      },
      {
        "db": "SIEMENS",
        "id": "SSA-864051",
        "trust": 2.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-256-01",
        "trust": 2.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-296",
        "trust": 0.9
      },
      {
        "db": "BID",
        "id": "55492",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5087",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004450",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "50568",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "20651",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "20931",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "5E11D08E-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "SECUNIA",
        "id": "50581",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-56315",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-3034",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "116445",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "116447",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5e11d08e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5087"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56315"
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-3034"
      },
      {
        "db": "BID",
        "id": "55492"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004450"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-296"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3034"
      }
    ]
  },
  "id": "VAR-201209-0226",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "5e11d08e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5087"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56315"
      }
    ],
    "trust": 1.5048571666666666
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5e11d08e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5087"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:46:02.614000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/"
      },
      {
        "title": "SSA-864051: Multiple Vulnerabilities in WinCC 7.0 SP3",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC ActiveX Control Account Information Disclosure Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/22134"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-5087"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004450"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-56315"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004450"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3034"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-256-01.pdf"
      },
      {
        "trust": 2.0,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
      },
      {
        "trust": 1.8,
        "url": "http://en.securitylab.ru/lab/pt-2012-45"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3034"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3034"
      },
      {
        "trust": 0.6,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdfhttp"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/50568"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/55492"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/20931"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/20651"
      },
      {
        "trust": 0.3,
        "url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/blog/325/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/200.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=26911"
      },
      {
        "trust": 0.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-12-256-01"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50581"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50581/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50581/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50568/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50568/#comments"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-5087"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56315"
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-3034"
      },
      {
        "db": "BID",
        "id": "55492"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004450"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-296"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3034"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "5e11d08e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5087"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56315"
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-3034"
      },
      {
        "db": "BID",
        "id": "55492"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004450"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-296"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3034"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-09-13T00:00:00",
        "db": "IVD",
        "id": "5e11d08e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-09-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-5087"
      },
      {
        "date": "2012-09-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-56315"
      },
      {
        "date": "2012-09-18T00:00:00",
        "db": "VULMON",
        "id": "CVE-2012-3034"
      },
      {
        "date": "2012-09-11T00:00:00",
        "db": "BID",
        "id": "55492"
      },
      {
        "date": "2012-09-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-004450"
      },
      {
        "date": "2012-09-11T07:30:00",
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "date": "2012-09-11T07:30:06",
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "date": "2012-09-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201209-296"
      },
      {
        "date": "2012-09-18T14:55:01.583000",
        "db": "NVD",
        "id": "CVE-2012-3034"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-09-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-5087"
      },
      {
        "date": "2012-09-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-56315"
      },
      {
        "date": "2012-09-19T00:00:00",
        "db": "VULMON",
        "id": "CVE-2012-3034"
      },
      {
        "date": "2012-09-12T22:50:00",
        "db": "BID",
        "id": "55492"
      },
      {
        "date": "2012-09-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-004450"
      },
      {
        "date": "2012-09-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201209-296"
      },
      {
        "date": "2024-11-21T01:40:09.340000",
        "db": "NVD",
        "id": "CVE-2012-3034"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-296"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC ActiveX Control Account Information Disclosure Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "5e11d08e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5087"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-296"
      }
    ],
    "trust": 0.6
  }
}

var-202202-0369
Vulnerability from variot

A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V17 (All versions <= V17 Update 4), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The affected component stores the credentials of a local system account in a potentially publicly accessible project file using an outdated cipher algorithm. An attacker may use this to brute force the credentials and take over the system. SIMATIC PCS 7 and SIMATIC WinCC There is a vulnerability in plaintext storage of important information.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system.

An information disclosure vulnerability exists in Siemens SIMATIC WinCC, which could allow an attacker to use this command to forcibly obtain credentials and take over the system

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202202-0369",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "17"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0.1"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic wincc update",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v172"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-10000"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005071"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40363"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported these vulnerabilities to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202202-592"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-40363",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-40363",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2022-10000",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-401720",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2021-40363",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2021-40363",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-40363",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-40363",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2022-10000",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202202-592",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-401720",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-10000"
      },
      {
        "db": "VULHUB",
        "id": "VHN-401720"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005071"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202202-592"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40363"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions \u003c V15 SP1 Update 7), SIMATIC WinCC V16 (All versions \u003c V16 Update 5), SIMATIC WinCC V17 (All versions \u003c V17 Update 2), SIMATIC WinCC V17 (All versions \u003c= V17 Update 4), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 6). The affected component stores the credentials of a local system account in a potentially publicly accessible project file using an outdated cipher algorithm. An attacker may use this to brute force the credentials and take over the system. SIMATIC PCS 7 and SIMATIC WinCC There is a vulnerability in plaintext storage of important information.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. \n\r\n\r\nAn information disclosure vulnerability exists in Siemens SIMATIC WinCC, which could allow an attacker to use this command to forcibly obtain credentials and take over the system",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-40363"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005071"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-10000"
      },
      {
        "db": "VULHUB",
        "id": "VHN-401720"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-40363",
        "trust": 3.9
      },
      {
        "db": "SIEMENS",
        "id": "SSA-914168",
        "trust": 2.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-041-02",
        "trust": 1.4
      },
      {
        "db": "JVN",
        "id": "JVNVU98748974",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005071",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-10000",
        "trust": 0.7
      },
      {
        "db": "CS-HELP",
        "id": "SB2022021106",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.0606",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202202-592",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-401720",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-10000"
      },
      {
        "db": "VULHUB",
        "id": "VHN-401720"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005071"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202202-592"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40363"
      }
    ]
  },
  "id": "VAR-202202-0369",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-10000"
      },
      {
        "db": "VULHUB",
        "id": "VHN-401720"
      }
    ],
    "trust": 1.3482599333333334
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-10000"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:01:12.437000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-914168",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC Information Disclosure Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/318461"
      },
      {
        "title": "Siemens SIMATIC PCS 7  and SIMATIC WinCC Remediation measures for authorization problem vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=181960"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-10000"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005071"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202202-592"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-538",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-312",
        "trust": 1.0
      },
      {
        "problemtype": "Plaintext storage of important information (CWE-312) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-401720"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005071"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40363"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40363"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu98748974/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-041-02"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-user-access-via-credentials-brute-force-37483"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.0606"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022021106"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-041-02"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-10000"
      },
      {
        "db": "VULHUB",
        "id": "VHN-401720"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005071"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202202-592"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40363"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2022-10000"
      },
      {
        "db": "VULHUB",
        "id": "VHN-401720"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005071"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202202-592"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-40363"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-02-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2022-10000"
      },
      {
        "date": "2022-02-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-401720"
      },
      {
        "date": "2023-05-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-005071"
      },
      {
        "date": "2022-02-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202202-592"
      },
      {
        "date": "2022-02-09T16:15:13.877000",
        "db": "NVD",
        "id": "CVE-2021-40363"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-02-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2022-10000"
      },
      {
        "date": "2022-10-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-401720"
      },
      {
        "date": "2023-05-16T08:53:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-005071"
      },
      {
        "date": "2022-08-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202202-592"
      },
      {
        "date": "2024-11-21T06:23:57.250000",
        "db": "NVD",
        "id": "CVE-2021-40363"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202202-592"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SIMATIC\u00a0PCS\u00a07\u00a0 and \u00a0SIMATIC\u00a0WinCC\u00a0 Vulnerability in plaintext storage of important information in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-005071"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202202-592"
      }
    ],
    "trust": 0.6
  }
}

var-201905-1076
Vulnerability from variot

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 and newer (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 and newer (All versions). An attacker with network access to affected installations, which are configured without "Encrypted Communication", can execute arbitrary code. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected installation. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. SIMATIC PCS 7 and WinCC Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An access control error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201905-1076",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic wincc",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003c=v8.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003e=v8.1"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=v7.2"
      },
      {
        "model": "simatic wincc",
        "scope": "gte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "simatic pcs 7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "simatic wincc",
        "version": "*"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.0"
      },
      {
        "model": "simatic wincc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic pcs",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.1"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14819"
      },
      {
        "db": "BID",
        "id": "108398"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004559"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10922"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004559"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vladimir Dashchenko and Sergey Temnikov from Kaspersky Lab reported this vulnerability to Siemens.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-601"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-10922",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2019-10922",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2019-14819",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-142517",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-10922",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2019-10922",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-10922",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-10922",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-14819",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201905-601",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142517",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2019-10922",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14819"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142517"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10922"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004559"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-601"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10922"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 and newer (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 and newer (All versions). An attacker with network access to affected installations, which are configured without \"Encrypted Communication\", can execute arbitrary code. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected installation. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. SIMATIC PCS 7 and WinCC Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An access control error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10922"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004559"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14819"
      },
      {
        "db": "BID",
        "id": "108398"
      },
      {
        "db": "IVD",
        "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142517"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10922"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-10922",
        "trust": 3.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-02",
        "trust": 2.4
      },
      {
        "db": "BID",
        "id": "108398",
        "trust": 2.1
      },
      {
        "db": "SIEMENS",
        "id": "SSA-705517",
        "trust": 1.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14819",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-601",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004559",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1716.2",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "28B5F5F4-5CC5-4DD7-87DA-AEDB11DAE08D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-142517",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10922",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14819"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142517"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10922"
      },
      {
        "db": "BID",
        "id": "108398"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004559"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-601"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10922"
      }
    ]
  },
  "id": "VAR-201905-1076",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14819"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142517"
      }
    ],
    "trust": 1.5286399
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14819"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:37:17.578000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-705517",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC PCS 7 and SIMATIC WinCC Access Control Error Vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/161749"
      },
      {
        "title": "Siemens SIMATIC PCS 7  and SIMATIC WinCC Fixes for access control error vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92743"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=5b4ebc1c1cb31c7e91ba7bafb5859453"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-14819"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10922"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004559"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-601"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-306",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-284",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142517"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004559"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10922"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/108398"
      },
      {
        "trust": 1.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10922"
      },
      {
        "trust": 0.9,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10922"
      },
      {
        "trust": 0.8,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-02-0"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/80946"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-wincc-code-execution-29287"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-14819"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142517"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10922"
      },
      {
        "db": "BID",
        "id": "108398"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004559"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-601"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10922"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14819"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142517"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10922"
      },
      {
        "db": "BID",
        "id": "108398"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004559"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-601"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10922"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-21T00:00:00",
        "db": "IVD",
        "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d"
      },
      {
        "date": "2019-05-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-14819"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142517"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-10922"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108398"
      },
      {
        "date": "2019-06-04T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004559"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-601"
      },
      {
        "date": "2019-05-14T20:29:02.763000",
        "db": "NVD",
        "id": "CVE-2019-10922"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-14819"
      },
      {
        "date": "2020-10-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142517"
      },
      {
        "date": "2020-10-02T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-10922"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108398"
      },
      {
        "date": "2019-07-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004559"
      },
      {
        "date": "2020-10-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-601"
      },
      {
        "date": "2024-11-21T04:20:09.473000",
        "db": "NVD",
        "id": "CVE-2019-10922"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-601"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SIMATIC PCS 7 and  WinCC Access control vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004559"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Access control error",
    "sources": [
      {
        "db": "IVD",
        "id": "28b5f5f4-5cc5-4dd7-87da-aedb11dae08d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-601"
      }
    ],
    "trust": 0.8
  }
}

var-202102-0008
Vulnerability from variot

A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC WinCC (All versions < V7.5 SP2). Due to an insecure password verification process, an attacker could bypass the password protection set on protected files, thus being granted access to the protected content, circumventing authentication. SIMATIC PCS 7 and SIMATIC WinCC Contains an authentication vulnerability.Information may be obtained. Siemens SIMATIC WinCC is a set of automated data acquisition and monitoring (SCADA) system of Germany's Siemens (Siemens) company.

Siemens SIMATIC WinCC has security vulnerabilities. There are security holes in SIMATIC PCS 7 and SIMATIC WinCC, and there is no related information about this hole at present, please pay attention to CNNVD or manufacturer announcements at any time

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202102-0008",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": "7.5 sp2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7"
      },
      {
        "model": "simatic wincc sp2",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.5"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-12077"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015933"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10048"
      }
    ]
  },
  "cve": "CVE-2020-10048",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2020-10048",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2021-12077",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-162487",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2020-10048",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2020-10048",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2020-10048",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2020-10048",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-12077",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202102-796",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-162487",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-12077"
      },
      {
        "db": "VULHUB",
        "id": "VHN-162487"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015933"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-796"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10048"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC WinCC (All versions \u003c V7.5 SP2). Due to an insecure password verification process, an attacker could bypass the password protection set on protected files, thus being granted access to the protected content, circumventing authentication. SIMATIC PCS 7 and SIMATIC WinCC Contains an authentication vulnerability.Information may be obtained. Siemens SIMATIC WinCC is a set of automated data acquisition and monitoring (SCADA) system of Germany\u0027s Siemens (Siemens) company. \n\r\n\r\nSiemens SIMATIC WinCC has security vulnerabilities. There are security holes in SIMATIC PCS 7 and SIMATIC WinCC, and there is no related information about this hole at present, please pay attention to CNNVD or manufacturer announcements at any time",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-10048"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015933"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-12077"
      },
      {
        "db": "VULHUB",
        "id": "VHN-162487"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-10048",
        "trust": 3.1
      },
      {
        "db": "SIEMENS",
        "id": "SSA-944678",
        "trust": 2.3
      },
      {
        "db": "JVN",
        "id": "JVNVU91083521",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015933",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-12077",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.0503",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-040-09",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-796",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-162487",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-12077"
      },
      {
        "db": "VULHUB",
        "id": "VHN-162487"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015933"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-796"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10048"
      }
    ]
  },
  "id": "VAR-202102-0008",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-12077"
      },
      {
        "db": "VULHUB",
        "id": "VHN-162487"
      }
    ],
    "trust": 1.359834
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-12077"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:30:43.954000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-944678",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC bypass authentication vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/249066"
      },
      {
        "title": "SIMATIC PCS 7  and  SIMATIC WinCC Remediation measures for authorization problem vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142179"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-12077"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015933"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-796"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-287",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-288",
        "trust": 1.0
      },
      {
        "problemtype": "Improper authentication (CWE-287) [NVD Evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-162487"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015933"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10048"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu91083521/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10048"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-information-disclosure-via-password-protected-pictures-34523"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-09"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.0503"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-12077"
      },
      {
        "db": "VULHUB",
        "id": "VHN-162487"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015933"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-796"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10048"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-12077"
      },
      {
        "db": "VULHUB",
        "id": "VHN-162487"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015933"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-796"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10048"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-02-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-12077"
      },
      {
        "date": "2021-02-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-162487"
      },
      {
        "date": "2021-10-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-015933"
      },
      {
        "date": "2021-02-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202102-796"
      },
      {
        "date": "2021-02-09T17:15:13.360000",
        "db": "NVD",
        "id": "CVE-2020-10048"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-02-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-12077"
      },
      {
        "date": "2021-02-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-162487"
      },
      {
        "date": "2021-10-25T07:34:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-015933"
      },
      {
        "date": "2021-02-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202102-796"
      },
      {
        "date": "2024-11-21T04:54:42.183000",
        "db": "NVD",
        "id": "CVE-2020-10048"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-796"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SIMATIC\u00a0PCS\u00a07\u00a0 and \u00a0SIMATIC\u00a0WinCC\u00a0 Authentication vulnerabilities in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-015933"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-796"
      }
    ],
    "trust": 0.6
  }
}

var-201407-0604
Vulnerability from variot

The database server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a request to TCP port 1433. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A remote privilege elevation vulnerability exists in Siemens' product database servers, which can be exploited by remote attackers to escalate privileges and perform unauthorized actions. SIMATIC WinCC and PCS7 are prone to a remote privilege-escalation vulnerability. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. A security vulnerability exists in the database server of versions prior to Siemens SIMATIC WinCC 7.3 used by PCS7 and other products

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201407-0604",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": null,
        "scope": "eq",
        "trust": 2.4,
        "vendor": "wincc",
        "version": "6.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 2.4,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "6.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 1.2,
        "vendor": "wincc",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 1.2,
        "vendor": "wincc",
        "version": "7.1"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic pcs7",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic pcs7",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "simatic pcs7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc",
        "version": "*"
      },
      {
        "model": "pcs7",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "6.2"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7feb11-463f-11e9-a766-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "2ce952e5-3809-407f-81cb-08454c69b74b"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04663"
      },
      {
        "db": "BID",
        "id": "68880"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003567"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-604"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4684"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003567"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "68880"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2014-4684",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.8,
            "id": "CVE-2014-4684",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.8,
            "id": "CNVD-2014-04663",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.8,
            "id": "7d7feb11-463f-11e9-a766-000c29342cb1",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.8,
            "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.8,
            "id": "2ce952e5-3809-407f-81cb-08454c69b74b",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.8,
            "id": "VHN-72625",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-4684",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-4684",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-04663",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201407-604",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "7d7feb11-463f-11e9-a766-000c29342cb1",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "2ce952e5-3809-407f-81cb-08454c69b74b",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-72625",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7feb11-463f-11e9-a766-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "2ce952e5-3809-407f-81cb-08454c69b74b"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04663"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72625"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003567"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-604"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4684"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The database server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a request to TCP port 1433. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A remote privilege elevation vulnerability exists in Siemens\u0027 product database servers, which can be exploited by remote attackers to escalate privileges and perform unauthorized actions. SIMATIC WinCC and PCS7 are prone to a remote privilege-escalation vulnerability. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. A security vulnerability exists in the database server of versions prior to Siemens SIMATIC WinCC 7.3 used by PCS7 and other products",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-4684"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003567"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04663"
      },
      {
        "db": "BID",
        "id": "68880"
      },
      {
        "db": "IVD",
        "id": "7d7feb11-463f-11e9-a766-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "2ce952e5-3809-407f-81cb-08454c69b74b"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72625"
      }
    ],
    "trust": 3.06
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-4684",
        "trust": 4.1
      },
      {
        "db": "SIEMENS",
        "id": "SSA-214365",
        "trust": 2.3
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-604",
        "trust": 1.3
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04663",
        "trust": 1.2
      },
      {
        "db": "BID",
        "id": "68880",
        "trust": 1.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-14-205-02",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003567",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "60392",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "60388",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "7D7FEB11-463F-11E9-A766-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "E2D4CC60-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "2CE952E5-3809-407F-81CB-08454C69B74B",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-72625",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "127660",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7feb11-463f-11e9-a766-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "2ce952e5-3809-407f-81cb-08454c69b74b"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04663"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72625"
      },
      {
        "db": "BID",
        "id": "68880"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003567"
      },
      {
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-604"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4684"
      }
    ]
  },
  "id": "VAR-201407-0604",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "7d7feb11-463f-11e9-a766-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "2ce952e5-3809-407f-81cb-08454c69b74b"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04663"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72625"
      }
    ],
    "trust": 2.003642875
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7feb11-463f-11e9-a766-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "2ce952e5-3809-407f-81cb-08454c69b74b"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04663"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:31:17.726000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-214365",
        "trust": 0.8,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf"
      },
      {
        "title": "Siemens product database server remote privilege escalation vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/47900"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-04663"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003567"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-72625"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003567"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4684"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf"
      },
      {
        "trust": 1.4,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4684"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4684"
      },
      {
        "trust": 0.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-14-205-02"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/60388"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/60392"
      },
      {
        "trust": 0.3,
        "url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4684"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4683"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4685"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4686"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4682"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-04663"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72625"
      },
      {
        "db": "BID",
        "id": "68880"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003567"
      },
      {
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-604"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4684"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "7d7feb11-463f-11e9-a766-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "2ce952e5-3809-407f-81cb-08454c69b74b"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-04663"
      },
      {
        "db": "VULHUB",
        "id": "VHN-72625"
      },
      {
        "db": "BID",
        "id": "68880"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003567"
      },
      {
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-604"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-4684"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-07-28T00:00:00",
        "db": "IVD",
        "id": "7d7feb11-463f-11e9-a766-000c29342cb1"
      },
      {
        "date": "2014-07-28T00:00:00",
        "db": "IVD",
        "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2014-07-28T00:00:00",
        "db": "IVD",
        "id": "2ce952e5-3809-407f-81cb-08454c69b74b"
      },
      {
        "date": "2014-07-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04663"
      },
      {
        "date": "2014-07-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-72625"
      },
      {
        "date": "2014-07-23T00:00:00",
        "db": "BID",
        "id": "68880"
      },
      {
        "date": "2014-07-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003567"
      },
      {
        "date": "2014-07-29T22:37:22",
        "db": "PACKETSTORM",
        "id": "127660"
      },
      {
        "date": "2014-07-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-604"
      },
      {
        "date": "2014-07-24T14:55:08.097000",
        "db": "NVD",
        "id": "CVE-2014-4684"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-07-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-04663"
      },
      {
        "date": "2014-07-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-72625"
      },
      {
        "date": "2014-10-08T06:59:00",
        "db": "BID",
        "id": "68880"
      },
      {
        "date": "2014-08-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-003567"
      },
      {
        "date": "2014-07-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201407-604"
      },
      {
        "date": "2024-11-21T02:10:41.950000",
        "db": "NVD",
        "id": "CVE-2014-4684"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201407-604"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC PCS 7 Used in products such as  SIMATIC WinCC of Vulnerability that can be obtained privilege in the database server",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-003567"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Permission permission and access control",
    "sources": [
      {
        "db": "IVD",
        "id": "7d7feb11-463f-11e9-a766-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "e2d4cc60-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "2ce952e5-3809-407f-81cb-08454c69b74b"
      }
    ],
    "trust": 0.6
  }
}

var-201303-0254
Vulnerability from variot

Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0254",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc tia portal",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "11.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc tia portal",
        "version": "11.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0922a59e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001985"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-440"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0671"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001985"
      }
    ]
  },
  "cve": "CVE-2013-0671",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2013-0671",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "0922a59e-2353-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "VHN-60673",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-0671",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-0671",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201303-440",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "0922a59e-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-60673",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0922a59e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60673"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001985"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-440"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0671"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-0671"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001985"
      },
      {
        "db": "IVD",
        "id": "0922a59e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60673"
      }
    ],
    "trust": 1.89
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-0671",
        "trust": 2.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-13-079-03",
        "trust": 2.5
      },
      {
        "db": "SIEMENS",
        "id": "SSA-212483",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-440",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001985",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "0922A59E-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-60673",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0922a59e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60673"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001985"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-440"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0671"
      }
    ]
  },
  "id": "VAR-201303-0254",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "0922a59e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60673"
      }
    ],
    "trust": 0.9086316000000001
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "0922a59e-2353-11e6-abef-000c29c66e3d"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:08:32.609000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/cc/en/"
      },
      {
        "title": "SSA-212483: Vulnerabilities in WinCC (TIA Portal) V11",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/answers/jp/ja/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001985"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60673"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001985"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0671"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-03.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0671"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0671"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60673"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001985"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-440"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0671"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "0922a59e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60673"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001985"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-440"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0671"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-22T00:00:00",
        "db": "IVD",
        "id": "0922a59e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-03-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60673"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001985"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-440"
      },
      {
        "date": "2013-03-21T14:55:01.530000",
        "db": "NVD",
        "id": "CVE-2013-0671"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60673"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001985"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-440"
      },
      {
        "date": "2024-11-21T01:47:58.900000",
        "db": "NVD",
        "id": "CVE-2013-0671"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-440"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens WinCC Directory Traversal Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "0922a59e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-440"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Path traversal",
    "sources": [
      {
        "db": "IVD",
        "id": "0922a59e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-440"
      }
    ],
    "trust": 0.8
  }
}

var-201209-0225
Vulnerability from variot

SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted SOAP message. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. The attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. The attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications.

The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to perform certain unspecified actions when a logged-in administrative user visits a specially crafted web page. ----------------------------------------------------------------------

The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/


TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA50568

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50568

RELEASE DATE: 2012-09-11

DISCUSS ADVISORY: http://secunia.com/advisories/50568/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/50568/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=50568

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Multiple vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, and disclose certain sensitive information.

1) Certain unspecified input passed to the WebNavigator component is not properly sanitised before being returned to the user.

2) Certain input passed to the WebNavigator component is not properly verified before being used to read files. This can be exploited to read arbitrary files via directory traversal sequences. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

4) An error within the ActiveX control can be exploited to disclose the username and password of an authenticated user.

SOLUTION: Apply Update 3.

Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

PROVIDED AND/OR DISCOVERED BY: The vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive Technologies.

ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201209-0225",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "6.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "6.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.0 sp3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.x"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "77.x"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5e1894b4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5086"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004449"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-295"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3032"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004449"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Denis Baranov Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov,Timur Yunusov from Positive Technologies",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-295"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2012-3032",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2012-3032",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "5e1894b4-2353-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-56313",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2012-3032",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2012-3032",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201209-295",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "5e1894b4-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-56313",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5e1894b4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56313"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004449"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-295"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3032"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted SOAP message. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC WinCC is prone to information-disclosure, SQL-injection, directory-traversal, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. \nThe attacker may exploit the information-disclosure issue and directory-traversal issues to gain access to sensitive information that may lead to further attacks. \nThe attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. \nAn attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nSiemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. WinCC flexible is a human-machine interface used in some machine or process applications. \n\nThe application allows users to perform certain actions via HTTP\nrequests without performing proper validity checks to verify the\nrequests. This can be exploited to perform certain unspecified\nactions when a logged-in administrative user visits a specially\ncrafted web page. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50568\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50568/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nRELEASE DATE:\n2012-09-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50568/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50568/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Siemens SIMATIC WinCC,\nwhich can be exploited by malicious people to conduct cross-site\nscripting attacks, conduct SQL injection attacks, and disclose\ncertain sensitive information. \n\n1) Certain unspecified input passed to the WebNavigator component is\nnot properly sanitised before being returned to the user. \n\n2) Certain input passed to the WebNavigator component is not properly\nverified before being used to read files. This can be exploited to\nread arbitrary files via directory traversal sequences. \nThis can be exploited to manipulate SQL queries by injecting arbitrary\nSQL code. \n\n4) An error within the ActiveX control can be exploited to disclose\nthe username and password of an authenticated user. \n\nSOLUTION:\nApply Update 3. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin,\nVladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive\nTechnologies. \n\nORIGINAL ADVISORY:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-3032"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004449"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5086"
      },
      {
        "db": "BID",
        "id": "55492"
      },
      {
        "db": "IVD",
        "id": "5e1894b4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56313"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      }
    ],
    "trust": 2.88
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-3032",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-864051",
        "trust": 2.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-256-01",
        "trust": 2.5
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-295",
        "trust": 0.9
      },
      {
        "db": "BID",
        "id": "55492",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5086",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004449",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "50568",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "20935",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "20651",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "5E1894B4-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "SECUNIA",
        "id": "50581",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-56313",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "116445",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "116447",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5e1894b4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5086"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56313"
      },
      {
        "db": "BID",
        "id": "55492"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004449"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-295"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3032"
      }
    ]
  },
  "id": "VAR-201209-0225",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "5e1894b4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5086"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56313"
      }
    ],
    "trust": 1.5048571666666666
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5e1894b4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5086"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:46:02.671000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/"
      },
      {
        "title": "SSA-864051: Multiple Vulnerabilities in WinCC 7.0 SP3",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC SOAP SQL Injection Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/22133"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-5086"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004449"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-89",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-56313"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004449"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3032"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-256-01.pdf"
      },
      {
        "trust": 1.9,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://en.securitylab.ru/lab/pt-2012-44"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3032"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3032"
      },
      {
        "trust": 0.6,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdfhttp"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/50568"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/55492"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/20935"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/20651"
      },
      {
        "trust": 0.3,
        "url": "http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/blog/325/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50581"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50581/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50581/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50568/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50568/#comments"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-5086"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56313"
      },
      {
        "db": "BID",
        "id": "55492"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004449"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-295"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3032"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "5e1894b4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5086"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56313"
      },
      {
        "db": "BID",
        "id": "55492"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004449"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-295"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3032"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-09-13T00:00:00",
        "db": "IVD",
        "id": "5e1894b4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-09-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-5086"
      },
      {
        "date": "2012-09-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-56313"
      },
      {
        "date": "2012-09-11T00:00:00",
        "db": "BID",
        "id": "55492"
      },
      {
        "date": "2012-09-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-004449"
      },
      {
        "date": "2012-09-11T07:30:00",
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "date": "2012-09-11T07:30:06",
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "date": "2012-09-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201209-295"
      },
      {
        "date": "2012-09-18T14:55:01.537000",
        "db": "NVD",
        "id": "CVE-2012-3032"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-09-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-5086"
      },
      {
        "date": "2012-09-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-56313"
      },
      {
        "date": "2012-09-12T22:50:00",
        "db": "BID",
        "id": "55492"
      },
      {
        "date": "2012-09-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-004449"
      },
      {
        "date": "2012-09-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201209-295"
      },
      {
        "date": "2024-11-21T01:40:09.207000",
        "db": "NVD",
        "id": "CVE-2012-3032"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-295"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens WinCC of  WebNavigator In  SQL Injection vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004449"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SQL injection",
    "sources": [
      {
        "db": "IVD",
        "id": "5e1894b4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-295"
      }
    ],
    "trust": 0.8
  }
}

var-201303-0256
Vulnerability from variot

Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to execute arbitrary code via a long parameter. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0256",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "6.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "6.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.0 sp1"
      },
      {
        "model": "wincc",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic pcs sp1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003c8.0"
      },
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "5.0"
      },
      {
        "model": "simatic wincc siemens simatic pcs sp1",
        "scope": "lt",
        "trust": 0.2,
        "vendor": "siemens",
        "version": "7.27\u003c8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "7.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02143"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001987"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-442"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0674"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001987"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies",
    "sources": [
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2013-0674",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2013-0674",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2013-02143",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2013-02175",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-60676",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-0674",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-0674",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-02143",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-02175",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201303-442",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-60676",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02143"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60676"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001987"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-442"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0674"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to execute arbitrary code via a long parameter. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Code. Multiple information-disclosure vulnerabilities\n2. A directory-traversal vulnerability\n3. Failed exploit attempts will result in a denial-of-service conditions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-0674"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001987"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02143"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "IVD",
        "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60676"
      }
    ],
    "trust": 3.42
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-0674",
        "trust": 3.9
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-13-079-02",
        "trust": 2.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-714398",
        "trust": 2.0
      },
      {
        "db": "BID",
        "id": "58545",
        "trust": 1.5
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-442",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02143",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001987",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "CB5589EC-1F2F-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "08E4D3E0-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-60676",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "120899",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02143"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60676"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001987"
      },
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-442"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0674"
      }
    ]
  },
  "id": "VAR-201303-0256",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02143"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60676"
      }
    ],
    "trust": 2.3048571666666664
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.6
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02143"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:45:48.644000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/cc/en/"
      },
      {
        "title": "SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/answers/jp/ja/"
      },
      {
        "title": "Patch for the Siemens WinCC RegReader ActiveX Control Buffer Overflow Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/32993"
      },
      {
        "title": "Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/33002"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-02143"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001987"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-60676"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001987"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0674"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf"
      },
      {
        "trust": 2.0,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf"
      },
      {
        "trust": 1.4,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0674"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/bid/58545"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0674"
      },
      {
        "trust": 0.8,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0677"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0674"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0678"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0676"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0679"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0675"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-02143"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60676"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001987"
      },
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-442"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0674"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02143"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "db": "VULHUB",
        "id": "VHN-60676"
      },
      {
        "db": "BID",
        "id": "58545"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001987"
      },
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-442"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0674"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-26T00:00:00",
        "db": "IVD",
        "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-03-26T00:00:00",
        "db": "IVD",
        "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-03-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02143"
      },
      {
        "date": "2013-03-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "date": "2013-03-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60676"
      },
      {
        "date": "2013-03-15T00:00:00",
        "db": "BID",
        "id": "58545"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001987"
      },
      {
        "date": "2013-03-21T15:07:17",
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "date": "2013-03-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-442"
      },
      {
        "date": "2013-03-21T15:55:01.533000",
        "db": "NVD",
        "id": "CVE-2013-0674"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-03-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02143"
      },
      {
        "date": "2013-03-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02175"
      },
      {
        "date": "2013-03-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-60676"
      },
      {
        "date": "2013-04-02T15:37:00",
        "db": "BID",
        "id": "58545"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001987"
      },
      {
        "date": "2013-03-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "date": "2013-03-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-442"
      },
      {
        "date": "2024-11-21T01:47:59.223000",
        "db": "NVD",
        "id": "CVE-2013-0674"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "120899"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-363"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-442"
      }
    ],
    "trust": 1.3
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens WinCC RegReader ActiveX Control Buffer Overflow Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02143"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-442"
      }
    ],
    "trust": 1.4
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "cb5589ec-1f2f-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "08e4d3e0-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-442"
      }
    ],
    "trust": 1.0
  }
}

var-201209-0222
Vulnerability from variot

Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data or cause a denial of service. (DoS) There is a possibility of being put into a state. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC WinCC is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. Siemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable.

The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to perform certain unspecified actions when a logged-in administrative user visits a specially crafted web page. ----------------------------------------------------------------------

The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/


TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA50568

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50568

RELEASE DATE: 2012-09-11

DISCUSS ADVISORY: http://secunia.com/advisories/50568/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/50568/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=50568

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Multiple vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, and disclose certain sensitive information.

1) Certain unspecified input passed to the WebNavigator component is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

2) Certain input passed to the WebNavigator component is not properly verified before being used to read files. This can be exploited to read arbitrary files via directory traversal sequences.

3) Certain input passed via SOAP messages to the WebNavigator component is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

4) An error within the ActiveX control can be exploited to disclose the username and password of an authenticated user.

SOLUTION: Apply Update 3.

Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

PROVIDED AND/OR DISCOVERED BY: The vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive Technologies.

ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201209-0222",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic pcs7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "6.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "5.0"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "6.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.8,
        "vendor": "wincc",
        "version": "6.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.0 sp3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs7",
        "version": "8.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "db": "BID",
        "id": "55493"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004446"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-303"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3028"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004446"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Denis Baranov, Sergey Bobrov, Artem Chaykin, Vladimir Kochetkov, Pavel Toporkov, and Timur Yunusov from Positive Technologies",
    "sources": [
      {
        "db": "BID",
        "id": "55493"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-303"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2012-3028",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2012-3028",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2012-5088",
            "impactScore": 7.8,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d",
            "impactScore": 7.8,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-56309",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2012-3028",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2012-3028",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2012-5088",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201209-303",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-56309",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56309"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004446"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-303"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3028"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data or cause a denial of service. (DoS) There is a possibility of being put into a state. Siemens SIMATIC is an automation software in a single engineering environment. Siemens SIMATIC WinCC is prone to a cross-site request-forgery vulnerability. \nExploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. \nSiemens SIMATIC WinCC 7.0 SP3 and prior versions are vulnerable. \n\nThe application allows users to perform certain actions via HTTP\nrequests without performing proper validity checks to verify the\nrequests. This can be exploited to perform certain unspecified\nactions when a logged-in administrative user visits a specially\ncrafted web page. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50568\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50568/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nRELEASE DATE:\n2012-09-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50568/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50568/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Siemens SIMATIC WinCC,\nwhich can be exploited by malicious people to conduct cross-site\nscripting attacks, conduct SQL injection attacks, and disclose\ncertain sensitive information. \n\n1) Certain unspecified input passed to the WebNavigator component is\nnot properly sanitised before being returned to the user. This can be\nexploited to execute arbitrary HTML and script code in a user\u0027s\nbrowser session in context of an affected site. \n\n2) Certain input passed to the WebNavigator component is not properly\nverified before being used to read files. This can be exploited to\nread arbitrary files via directory traversal sequences. \n\n3) Certain input passed via SOAP messages to the WebNavigator\ncomponent is not properly sanitised before being used in SQL queries. \nThis can be exploited to manipulate SQL queries by injecting arbitrary\nSQL code. \n\n4) An error within the ActiveX control can be exploited to disclose\nthe username and password of an authenticated user. \n\nSOLUTION:\nApply Update 3. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Denis Baranov, Sergey Bobrov, Artem Chaykin,\nVladimir Kochetkov, Pavel Toporkov, and Timur Yunusov, Positive\nTechnologies. \n\nORIGINAL ADVISORY:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-3028"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004446"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "db": "BID",
        "id": "55493"
      },
      {
        "db": "IVD",
        "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56309"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      }
    ],
    "trust": 2.88
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-3028",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-864051",
        "trust": 2.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-256-01",
        "trust": 2.5
      },
      {
        "db": "BID",
        "id": "55493",
        "trust": 1.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-303",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004446",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "50581",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "20652",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "20933",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "5DDC3EC4-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "SECUNIA",
        "id": "50568",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-56309",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "116445",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "116447",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56309"
      },
      {
        "db": "BID",
        "id": "55493"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004446"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-303"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3028"
      }
    ]
  },
  "id": "VAR-201209-0222",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56309"
      }
    ],
    "trust": 1.5048571666666666
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:46:02.455000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/"
      },
      {
        "title": "SSA-864051: Multiple Vulnerabilities in WinCC 7.0 SP3",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC Cross-Site Request Forgery Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/80787"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004446"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-352",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-56309"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004446"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3028"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-256-01.pdf"
      },
      {
        "trust": 2.2,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://en.securitylab.ru/lab/pt-2012-42"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3028"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3028"
      },
      {
        "trust": 0.6,
        "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-864051.pdf"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/50581"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/55493"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/20933"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/20652"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/blog/325/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50581"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50581/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50581/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50568/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/50568/#comments"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50568"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56309"
      },
      {
        "db": "BID",
        "id": "55493"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004446"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-303"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3028"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "db": "VULHUB",
        "id": "VHN-56309"
      },
      {
        "db": "BID",
        "id": "55493"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004446"
      },
      {
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-303"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-3028"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-09-13T00:00:00",
        "db": "IVD",
        "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-09-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "date": "2012-09-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-56309"
      },
      {
        "date": "2012-09-11T00:00:00",
        "db": "BID",
        "id": "55493"
      },
      {
        "date": "2012-09-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-004446"
      },
      {
        "date": "2012-09-11T07:30:00",
        "db": "PACKETSTORM",
        "id": "116445"
      },
      {
        "date": "2012-09-11T07:30:06",
        "db": "PACKETSTORM",
        "id": "116447"
      },
      {
        "date": "2012-09-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201209-303"
      },
      {
        "date": "2012-09-18T14:55:01.397000",
        "db": "NVD",
        "id": "CVE-2012-3028"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-08-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "date": "2012-09-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-56309"
      },
      {
        "date": "2015-03-19T09:33:00",
        "db": "BID",
        "id": "55493"
      },
      {
        "date": "2012-09-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-004446"
      },
      {
        "date": "2012-09-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201209-303"
      },
      {
        "date": "2024-11-21T01:40:08.817000",
        "db": "NVD",
        "id": "CVE-2012-3028"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-303"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC WinCC Cross-Site Request Forgery Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "5ddc3ec4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5088"
      },
      {
        "db": "BID",
        "id": "55493"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-303"
      }
    ],
    "trust": 1.7
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "cross-site request forgery",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-303"
      }
    ],
    "trust": 0.6
  }
}

var-201202-0164
Vulnerability from variot

HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to cause a denial of service (application crash) by sending crafted data over TCP. Miniweb has a security vulnerability that allows an attacker to submit a specially crafted HTTP POST request to allow the server to access any illegal memory area while checking the extension of the requested file. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. HmiLoad provides functions that read data and unicode strings with stack-based buffer overflows, allowing an attacker to exploit a vulnerability to execute arbitrary code. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. When the transfer mode is enabled, the runtime loader listens on the 2308/TCP or 50523/TCP port. Since the incoming data is not fully verified, there are multiple denial of service attacks that can crash the program. A directory traversal vulnerability exists in the HmiLoad server that allows reading, writing, and deleting arbitrary files outside of the specified directory. Attackers can exploit these issues to execute arbitrary code in the context of the affected application, read/write or delete arbitrary files outside of the server root directory, or cause denial-of-service conditions; other attacks may also be possible

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201202-0164",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc flexible runtime",
        "scope": null,
        "trust": 3.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc flexible sp2",
        "scope": "eq",
        "trust": 3.3,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "mp"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "op"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "tp"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "comfort_panels"
      },
      {
        "model": "wincc runtime advanced",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "mobile_panels"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc flexible runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "comfort panels"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "mobile panels"
      },
      {
        "model": "simatic wincc flexible rumtime",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi panels",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc flexible sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2004"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2005"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2007"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2008"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "v11"
      },
      {
        "model": "comfort panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mobile panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "op",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "tp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc runtime advanced",
        "version": "v11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible runtime",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28b0bc2e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0467"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "BID",
        "id": "50828"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001319"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-092"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4877"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_hmi_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible_runtime",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001319"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Luigi Auriemma",
    "sources": [
      {
        "db": "BID",
        "id": "50828"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2011-4877",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2011-4877",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "28b0bc2e-2354-11e6-abef-000c29c66e3d",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-52822",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2011-4877",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2011-4877",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201202-092",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "28b0bc2e-2354-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-52822",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28b0bc2e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52822"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001319"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-092"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4877"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to cause a denial of service (application crash) by sending crafted data over TCP. Miniweb has a security vulnerability that allows an attacker to submit a specially crafted HTTP POST request to allow the server to access any illegal memory area while checking the extension of the requested file. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. HmiLoad provides functions that read data and unicode strings with stack-based buffer overflows, allowing an attacker to exploit a vulnerability to execute arbitrary code. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. When the transfer mode is enabled, the runtime loader listens on the 2308/TCP or 50523/TCP port. Since the incoming data is not fully verified, there are multiple denial of service attacks that can crash the program. A directory traversal vulnerability exists in the HmiLoad server that allows reading, writing, and deleting arbitrary files outside of the specified directory. \nAttackers can exploit these issues to execute arbitrary code in the context of the affected application, read/write or delete arbitrary files outside of the server root directory, or cause denial-of-service conditions; other attacks may also be possible",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-4877"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001319"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0467"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "BID",
        "id": "50828"
      },
      {
        "db": "IVD",
        "id": "28b0bc2e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52822"
      }
    ],
    "trust": 5.4
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-52822",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52822"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "50828",
        "trust": 3.9
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4877",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01",
        "trust": 3.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-345442",
        "trust": 1.7
      },
      {
        "db": "ICS CERT ALERT",
        "id": "ICS-ALERT-11-332-02A",
        "trust": 1.1
      },
      {
        "db": "ICS CERT ALERT",
        "id": "ICS-ALERT-11-332-02",
        "trust": 1.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "18166",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "77382",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-092",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0467",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001319",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-480",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01A",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "28B0BC2E-2354-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-52822",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28b0bc2e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0467"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52822"
      },
      {
        "db": "BID",
        "id": "50828"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001319"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-092"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4877"
      }
    ]
  },
  "id": "VAR-201202-0164",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "28b0bc2e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0467"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52822"
      }
    ],
    "trust": 4.568457485714285
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 3.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28b0bc2e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0467"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:46:29.545000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-345442",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "title": "\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC Flexible Runtime \u0027HmiLoad.exe\u0027 file download vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/72694"
      },
      {
        "title": "Siemens SIMATIC WinCC Flexible Runtime \u0027HmiLoad.exe\u0027 memory access vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/72697"
      },
      {
        "title": "Siemens SIMATIC WinCC Flexible Runtime \u0027HmiLoad.exe\u0027 Buffer Overflow Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/72705"
      },
      {
        "title": "Siemens SIMATIC WinCC Flexible Runtime \u0027HmiLoad.exe\u0027 service crash vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/72689"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC HMI Denial of Service Attack Vulnerability (CNVD-2012-0467)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/9073"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0467"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001319"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52822"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001319"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4877"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.9,
        "url": "http://aluigi.altervista.org/adv/winccflex_1-adv.txt"
      },
      {
        "trust": 3.4,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.exploit-db.com/exploits/18166"
      },
      {
        "trust": 1.1,
        "url": "http://aluigi.org/adv/winccflex_1-adv.txt"
      },
      {
        "trust": 1.1,
        "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-332-02.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-332-02a.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://www.osvdb.org/77382"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71451"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4877"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4877"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/50828"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/pages/default.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01a.pdf"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0467"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52822"
      },
      {
        "db": "BID",
        "id": "50828"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001319"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-092"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4877"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "28b0bc2e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0467"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52822"
      },
      {
        "db": "BID",
        "id": "50828"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001319"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-092"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4877"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-02-07T00:00:00",
        "db": "IVD",
        "id": "28b0bc2e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0467"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "date": "2012-02-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52822"
      },
      {
        "date": "2011-11-28T00:00:00",
        "db": "BID",
        "id": "50828"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001319"
      },
      {
        "date": "1900-01-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-092"
      },
      {
        "date": "2012-02-03T20:55:01.983000",
        "db": "NVD",
        "id": "CVE-2011-4877"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-03-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5108"
      },
      {
        "date": "2016-03-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5110"
      },
      {
        "date": "2016-03-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5103"
      },
      {
        "date": "2016-03-15T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5107"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0467"
      },
      {
        "date": "2011-12-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-5105"
      },
      {
        "date": "2017-08-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52822"
      },
      {
        "date": "2012-04-18T21:20:00",
        "db": "BID",
        "id": "50828"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001319"
      },
      {
        "date": "2011-11-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-092"
      },
      {
        "date": "2024-11-21T01:33:11.390000",
        "db": "NVD",
        "id": "CVE-2011-4877"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201111-480"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-092"
      }
    ],
    "trust": 1.2
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens Product  HmiLoad Service disruption in  ( Application crash ) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001319"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation",
    "sources": [
      {
        "db": "IVD",
        "id": "28b0bc2e-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-092"
      }
    ],
    "trust": 0.8
  }
}

var-201202-0045
Vulnerability from variot

Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4511. plural Siemens Product HMI Web The server contains a cross-site scripting vulnerability. This vulnerability CVE-2011-4511 Is a different vulnerability.By any third party Web Script or HTML May be inserted. Siemens SIMATIC is an automation software in a single engineering environment. The SIMATIC HMI Smart Options web server has two separate cross-site scripting attacks that allow elevation of privilege, stealing data or corrupting services. SIMATIC HMI is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201202-0045",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "mp"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "op"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "siemens",
        "version": "tp"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "comfort_panels"
      },
      {
        "model": "wincc runtime advanced",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "mobile_panels"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2004"
      },
      {
        "model": "wincc flexible runtime",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2007"
      },
      {
        "model": "wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2005"
      },
      {
        "model": "wincc flexible",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "comfort panels"
      },
      {
        "model": "simatic hmi panels",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "mobile panels"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11 sp2 update 1"
      },
      {
        "model": "simatic wincc flexible",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "2008 sp3"
      },
      {
        "model": "simatic wincc flexible rumtime",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wincc flexible",
        "version": "2008"
      },
      {
        "model": "simatic wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc flexible",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "2008"
      },
      {
        "model": "simatic hmi panels",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v11"
      },
      {
        "model": "wincc flexible runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wincc",
        "version": "v11"
      },
      {
        "model": "simatic hmi smart options",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2004"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2005"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible",
        "version": "2007"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc",
        "version": "*"
      },
      {
        "model": "comfort panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mobile panels",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "mp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "op",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": "tp",
        "scope": null,
        "trust": 0.2,
        "vendor": "simatic hmi panels",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc runtime advanced",
        "version": "v11"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "wincc flexible runtime",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28691284-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0460"
      },
      {
        "db": "BID",
        "id": "51835"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001312"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-085"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4510"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_hmi_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_flexible_runtime",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001312"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Billy Rios, Terry McCorkle, Shawn Merdinger, and Luigi Auriemma.",
    "sources": [
      {
        "db": "BID",
        "id": "51835"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2011-4510",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2011-4510",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "28691284-2354-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-52455",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2011-4510",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2011-4510",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201202-085",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "28691284-2354-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-52455",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28691284-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52455"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001312"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-085"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4510"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4511. plural Siemens Product HMI Web The server contains a cross-site scripting vulnerability. This vulnerability CVE-2011-4511 Is a different vulnerability.By any third party Web Script or HTML May be inserted. Siemens SIMATIC is an automation software in a single engineering environment. The SIMATIC HMI Smart Options web server has two separate cross-site scripting attacks that allow elevation of privilege, stealing data or corrupting services. SIMATIC HMI is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. \nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-4510"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001312"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0460"
      },
      {
        "db": "BID",
        "id": "51835"
      },
      {
        "db": "IVD",
        "id": "28691284-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52455"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-4510",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01",
        "trust": 3.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-345442",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-085",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0460",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001312",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "19403",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-030-01A",
        "trust": 0.3
      },
      {
        "db": "BID",
        "id": "51835",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "28691284-2354-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-52455",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28691284-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0460"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52455"
      },
      {
        "db": "BID",
        "id": "51835"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001312"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-085"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4510"
      }
    ]
  },
  "id": "VAR-201202-0045",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "28691284-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0460"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52455"
      }
    ],
    "trust": 1.52394115
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "28691284-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0460"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:46:29.499000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-345442",
        "trust": 0.8,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "title": "\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/jp/ja/"
      },
      {
        "title": "Patch for Siemens SIMATIC WinCC HMI Cross-Site Scripting Vulnerability (CNVD-2012-0460)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/9058"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-0460"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001312"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-79",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-52455"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001312"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4510"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.4,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4510"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4510"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/19403"
      },
      {
        "trust": 0.3,
        "url": "http://www.automation.siemens.com/mcms/automation/en/human-machine-interface/pages/default.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01a.pdf"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-0460"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52455"
      },
      {
        "db": "BID",
        "id": "51835"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001312"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-085"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4510"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "28691284-2354-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-0460"
      },
      {
        "db": "VULHUB",
        "id": "VHN-52455"
      },
      {
        "db": "BID",
        "id": "51835"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001312"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-085"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-4510"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-02-07T00:00:00",
        "db": "IVD",
        "id": "28691284-2354-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0460"
      },
      {
        "date": "2012-02-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52455"
      },
      {
        "date": "2012-01-30T00:00:00",
        "db": "BID",
        "id": "51835"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001312"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-085"
      },
      {
        "date": "2012-02-03T20:55:01.343000",
        "db": "NVD",
        "id": "CVE-2011-4510"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-0460"
      },
      {
        "date": "2012-02-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-52455"
      },
      {
        "date": "2012-04-18T21:20:00",
        "db": "BID",
        "id": "51835"
      },
      {
        "date": "2012-02-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001312"
      },
      {
        "date": "2012-02-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-085"
      },
      {
        "date": "2024-11-21T01:32:27.010000",
        "db": "NVD",
        "id": "CVE-2011-4510"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-085"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens Product  HMI Web Server cross-site scripting vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001312"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "XSS",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-085"
      }
    ],
    "trust": 0.6
  }
}

cve-2020-10048
Vulnerability from cvelistv5
Published
2021-02-09 15:38
Modified
2024-08-04 10:50
Severity ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC WinCC (All versions < V7.5 SP2). Due to an insecure password verification process, an attacker could bypass the password protection set on protected files, thus being granted access to the protected content, circumventing authentication.
Impacted products
Vendor Product Version
Siemens SIMATIC WinCC Version: All versions < V7.5 SP2
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T10:50:57.903Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC PCS 7",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.5 SP2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC WinCC (All versions \u003c V7.5 SP2). Due to an insecure password verification process, an attacker could bypass the password protection set on protected files, thus being granted access to the protected content, circumventing authentication."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "CWE-288: Authentication Bypass Using an Alternate Path or Channel",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-02-09T15:38:17",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2020-10048",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC PCS 7",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V7.5 SP2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC WinCC (All versions \u003c V7.5 SP2). Due to an insecure password verification process, an attacker could bypass the password protection set on protected files, thus being granted access to the protected content, circumventing authentication."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-288: Authentication Bypass Using an Alternate Path or Channel"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2020-10048",
    "datePublished": "2021-02-09T15:38:17",
    "dateReserved": "2020-03-04T00:00:00",
    "dateUpdated": "2024-08-04T10:50:57.903Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-28829
Vulnerability from cvelistv5
Published
2023-06-13 08:17
Modified
2024-08-02 13:51
Summary
A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC (All versions < V8.0), SINAUT Software ST7sc (All versions). Before SIMATIC WinCC V8, legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access), and OPC AE (Alarms & Events)) were used per default. These services were designed on top of the Windows ActiveX and DCOM mechanisms and do not implement state-of-the-art security mechanisms for authentication and encryption of contents.
Impacted products
Vendor Product Version
Siemens SIMATIC NET PC Software V15 Version: All versions
Siemens SIMATIC PCS 7 V8.2 Version: All versions
Siemens SIMATIC PCS 7 V9.0 Version: All versions
Siemens SIMATIC PCS 7 V9.1 Version: All versions
Siemens SIMATIC WinCC Version: All versions < V8.0
Siemens SINAUT Software ST7sc Version: All versions
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T13:51:38.624Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC NET PC Software V14",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC NET PC Software V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC PCS 7 V8.2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC PCS 7 V9.0",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC PCS 7 V9.1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V8.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAUT Software ST7sc",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC (All versions \u003c V8.0), SINAUT Software ST7sc (All versions). Before SIMATIC WinCC V8, legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access), and OPC AE (Alarms \u0026 Events)) were used per default. These\r\nservices were designed on top of the Windows ActiveX and DCOM mechanisms and do not implement state-of-the-art security mechanisms for authentication and encryption of contents."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 3.9,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-477",
              "description": "CWE-477: Use of Obsolete Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-13T08:17:07.989Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2023-28829",
    "datePublished": "2023-06-13T08:17:07.989Z",
    "dateReserved": "2023-03-24T15:17:29.558Z",
    "dateUpdated": "2024-08-02T13:51:38.624Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-30897
Vulnerability from cvelistv5
Published
2023-06-13 08:17
Modified
2024-08-02 14:37
Summary
A vulnerability has been identified in SIMATIC WinCC (All versions < V7.5.2.13). Affected applications fail to set proper access rights for their installation folder if a non-default installation path was chosen during installation. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T14:37:15.531Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914026.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.5.2.13"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC WinCC (All versions \u003c V7.5.2.13). Affected applications fail to set proper access rights for their installation folder if a non-default installation path was chosen during installation.\r\n\r\nThis could allow an authenticated local attacker to inject arbitrary code and escalate privileges."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-732",
              "description": "CWE-732: Incorrect Permission Assignment for Critical Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-13T08:17:11.223Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-914026.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2023-30897",
    "datePublished": "2023-06-13T08:17:11.223Z",
    "dateReserved": "2023-04-20T05:09:40.252Z",
    "dateUpdated": "2024-08-02T14:37:15.531Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}