All the vulnerabilites related to Siemens - SIMATIC WinCC Runtime Professional
var-201607-0465
Vulnerability from variot
Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets. The SIMATIC WinCC (Windows Control Center) window control center is Siemens' process monitoring system, providing complete monitoring and data acquisition (SCADA) functions for the industrial sector; the PCS 7 system is a seamlessly integrated automation solution for all industrial applications. field. A remote code execution vulnerability exists in SIMATIC WinCC/PCS 7/WinCC Runtime Professional. Multiple Siemens Products are prone to a remote code-execution vulnerability. An attacker can exploit this issue to inject and execute arbitrary code in the context of the affected application. Siemens SIMATIC WinCC, etc. are all industrial automation products of Siemens (Siemens) in Germany
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201607-0465", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.3" }, { "model": "simatic openpcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.1" }, { "model": "simatic batch", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": "simatic wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic openpcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "78.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "78.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "78.2" }, { "model": "simatic wincc sp", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "7.03" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.4 update 1" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.4" }, { "model": "simatic pcs sp4", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c=7.1" }, { "model": "simatic wincc runtime professional sp update", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v1319" }, { "model": "simatic wincc sp", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=7.02" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.3x\u003c7.310" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.4x\u003c7.41" }, { "model": "simatic openpcs 7", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "8.1" }, { "model": "simatic batch", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.1" }, { "model": "simatic openpcs 7", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic wincc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic openpcs 7", "version": "*" }, { "model": "simatic wincc runtime professional sp1 upd2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.32" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.31" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.29" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.28" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.21" }, { "model": "simatic wincc upd4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc upd11", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc sp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.02" }, { "model": "simatic pcs sp4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77.1" }, { "model": "simatic wincc runtime professional sp update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "1319" }, { "model": "simatic wincc update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.41" }, { "model": "simatic wincc update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.310" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic batch", "version": "*" } ], "sources": [ { "db": "IVD", "id": "649ab73e-2968-450b-b5d3-31e462571302" }, { "db": "CNVD", "id": "CNVD-2016-05346" }, { "db": "BID", "id": "92112" }, { "db": "JVNDB", "id": "JVNDB-2016-004095" }, { "db": "CNNVD", "id": "CNNVD-201607-904" }, { "db": "NVD", "id": "CVE-2016-5743" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_batch", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_openpcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-004095" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Sergey Temnikov and Vladimir Dashchenko, Critical Infrastructure Defence\nTeam, Kaspersky Lab.", "sources": [ { "db": "BID", "id": "92112" } ], "trust": 0.3 }, "cve": "CVE-2016-5743", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "CVE-2016-5743", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "CNVD-2016-05346", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "649ab73e-2968-450b-b5d3-31e462571302", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "VHN-94562", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "id": "CVE-2016-5743", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2016-5743", "trust": 1.0, "value": "CRITICAL" }, { "author": "NVD", "id": "CVE-2016-5743", "trust": 0.8, "value": "Critical" }, { "author": "CNVD", "id": "CNVD-2016-05346", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201607-904", "trust": 0.6, "value": "CRITICAL" }, { "author": "IVD", "id": "649ab73e-2968-450b-b5d3-31e462571302", "trust": 0.2, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-94562", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "649ab73e-2968-450b-b5d3-31e462571302" }, { "db": "CNVD", "id": "CNVD-2016-05346" }, { "db": "VULHUB", "id": "VHN-94562" }, { "db": "JVNDB", "id": "JVNDB-2016-004095" }, { "db": "CNNVD", "id": "CNNVD-201607-904" }, { "db": "NVD", "id": "CVE-2016-5743" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets. The SIMATIC WinCC (Windows Control Center) window control center is Siemens\u0027 process monitoring system, providing complete monitoring and data acquisition (SCADA) functions for the industrial sector; the PCS 7 system is a seamlessly integrated automation solution for all industrial applications. field. A remote code execution vulnerability exists in SIMATIC WinCC/PCS 7/WinCC Runtime Professional. Multiple Siemens Products are prone to a remote code-execution vulnerability. \nAn attacker can exploit this issue to inject and execute arbitrary code in the context of the affected application. Siemens SIMATIC WinCC, etc. are all industrial automation products of Siemens (Siemens) in Germany", "sources": [ { "db": "NVD", "id": "CVE-2016-5743" }, { "db": "JVNDB", "id": "JVNDB-2016-004095" }, { "db": "CNVD", "id": "CNVD-2016-05346" }, { "db": "BID", "id": "92112" }, { "db": "IVD", "id": "649ab73e-2968-450b-b5d3-31e462571302" }, { "db": "VULHUB", "id": "VHN-94562" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2016-5743", "trust": 3.6 }, { "db": "SIEMENS", "id": "SSA-378531", "trust": 2.6 }, { "db": "ICS CERT", "id": "ICSA-16-208-01", "trust": 2.2 }, { "db": "BID", "id": "92112", "trust": 2.0 }, { "db": "SECTRACK", "id": "1036441", "trust": 1.1 }, { "db": "CNNVD", "id": "CNNVD-201607-904", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2016-05346", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2016-004095", "trust": 0.8 }, { "db": "IVD", "id": "649AB73E-2968-450B-B5D3-31E462571302", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-94562", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "649ab73e-2968-450b-b5d3-31e462571302" }, { "db": "CNVD", "id": "CNVD-2016-05346" }, { "db": "VULHUB", "id": "VHN-94562" }, { "db": "BID", "id": "92112" }, { "db": "JVNDB", "id": "JVNDB-2016-004095" }, { "db": "CNNVD", "id": "CNNVD-201607-904" }, { "db": "NVD", "id": "CVE-2016-5743" } ] }, "id": "VAR-201607-0465", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "649ab73e-2968-450b-b5d3-31e462571302" }, { "db": "CNVD", "id": "CNVD-2016-05346" }, { "db": "VULHUB", "id": "VHN-94562" } ], "trust": 1.5901556066666667 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "649ab73e-2968-450b-b5d3-31e462571302" }, { "db": "CNVD", "id": "CNVD-2016-05346" } ] }, "last_update_date": "2024-11-23T21:54:30.330000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-378531", "trust": 0.8, "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf" }, { "title": "Patch for remote code execution vulnerability in SIMATIC WinCC/PCS 7/WinCCRuntime Professional", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/79586" }, { "title": "Multiple Siemens Product security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63264" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-05346" }, { "db": "JVNDB", "id": "JVNDB-2016-004095" }, { "db": "CNNVD", "id": "CNNVD-201607-904" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-94562" }, { "db": "JVNDB", "id": "JVNDB-2016-004095" }, { "db": "NVD", "id": "CVE-2016-5743" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf" }, { "trust": 2.2, "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-208-01" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/92112" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id/1036441" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5743" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5743" }, { "trust": 0.3, "url": "http://www.siemens.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-05346" }, { "db": "VULHUB", "id": "VHN-94562" }, { "db": "BID", "id": "92112" }, { "db": "JVNDB", "id": "JVNDB-2016-004095" }, { "db": "CNNVD", "id": "CNNVD-201607-904" }, { "db": "NVD", "id": "CVE-2016-5743" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "649ab73e-2968-450b-b5d3-31e462571302" }, { "db": "CNVD", "id": "CNVD-2016-05346" }, { "db": "VULHUB", "id": "VHN-94562" }, { "db": "BID", "id": "92112" }, { "db": "JVNDB", "id": "JVNDB-2016-004095" }, { "db": "CNNVD", "id": "CNNVD-201607-904" }, { "db": "NVD", "id": "CVE-2016-5743" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-07-25T00:00:00", "db": "IVD", "id": "649ab73e-2968-450b-b5d3-31e462571302" }, { "date": "2016-07-25T00:00:00", "db": "CNVD", "id": "CNVD-2016-05346" }, { "date": "2016-07-22T00:00:00", "db": "VULHUB", "id": "VHN-94562" }, { "date": "2016-07-22T00:00:00", "db": "BID", "id": "92112" }, { "date": "2016-08-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-004095" }, { "date": "2016-07-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201607-904" }, { "date": "2016-07-22T15:59:00.147000", "db": "NVD", "id": "CVE-2016-5743" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-07-25T00:00:00", "db": "CNVD", "id": "CNVD-2016-05346" }, { "date": "2016-11-28T00:00:00", "db": "VULHUB", "id": "VHN-94562" }, { "date": "2016-07-22T00:00:00", "db": "BID", "id": "92112" }, { "date": "2016-08-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-004095" }, { "date": "2016-07-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201607-904" }, { "date": "2024-11-21T02:54:56.297000", "db": "NVD", "id": "CVE-2016-5743" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201607-904" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Siemens SIMATIC Vulnerabilities in products that allow arbitrary code execution", "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-004095" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation", "sources": [ { "db": "IVD", "id": "649ab73e-2968-450b-b5d3-31e462571302" }, { "db": "CNNVD", "id": "CNNVD-201607-904" } ], "trust": 0.8 } }
var-201611-0180
Vulnerability from variot
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path ("C:\Program Files*" or the localized equivalent). plural Siemens The product has an installation %PROGRAMFILES% If not using a directory, it is not enclosed in quotes Windows There are vulnerabilities whose privileges are obtained by the search path. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) ,and CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. https://cwe.mitre.org/data/definitions/254.html https://cwe.mitre.org/data/definitions/284.htmlA local user may be able to gain privileges through the Trojan executable. Founded in 1847, Siemens AG of Germany focuses on the fields of electrification, automation and digitization. Siemens is a leader in offshore wind turbine construction, gas turbine and steam turbine power generation, transmission solutions, infrastructure solutions, industrial automation, drive and software solutions, and medical imaging equipment and laboratory diagnostics. There are privilege escalation vulnerabilities in many Siemens products. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201611-0180", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simit", "scope": "eq", "trust": 3.3, "vendor": "siemens", "version": "9.0" }, { "model": "softnet security client", "scope": "eq", "trust": 1.7, "vendor": "siemens", "version": "5.0" }, { "model": "simatic wincc runtime", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "sinema remote connect", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic step 7 \\", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc \\", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic step 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "5.5" }, { "model": "sinema server", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "13.0" }, { "model": "simatic winac rtx 2010", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "telecontrol basic", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "softnet security client", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "5.0" }, { "model": "simatic winac rtx f 2010", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "primary setup tool", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.1" }, { "model": "simatic it production suite", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic net pc software", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.0" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "security configuration tool", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic pcs", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "78.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "78.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "78.2" }, { "model": "security configuration tool", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic winac rtx f 2010", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "sp2" }, { "model": "simatic it production suite", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.0 sp3" }, { "model": "simatic winac rtx 2010", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "sp2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "professional" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "8.2 until" }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.2 to 7.4" }, { "model": "sinema remote connect client", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.0 sp3 upd 8" }, { "model": "simatic step 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "5.x" }, { "model": "primary setup tool", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic wincc tia portal", "version": "*" }, { "model": "simatic step", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "75.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.3x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.4x" }, { "model": "sinema server", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.2x" }, { "model": "simatic wincc sp2 sp2 upd", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.0\u003c7.012" }, { "model": "simatic wincc sp3 sp3 upd", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.0\u003c7.08" }, { "model": "simatic net pc-software", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime professional all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic step", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c14" }, { "model": "simatic wincc basic", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc comfort", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc advanced", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc professional all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinema remote connect client all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic winac rtx sp2 all", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "2010" }, { "model": "simatic winac rtx f sp2 all", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "2010" }, { "model": "simatic it production suite all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "telecontrol server basic sp2", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.0" }, { "model": "softnet security client all", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v5.0" }, { "model": "security configuration tool all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "primary setup tool all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc \\", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "14.0" }, { "model": "telecontrol basic", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "3.0" }, { "model": "sinema server", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "13.0" }, { "model": "telecontrol server basic", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.0" }, { "model": "sinema server sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v12" }, { "model": "sinema server", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v12" }, { "model": "sinema server sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12.0" }, { "model": "sinema server", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12.0-" }, { "model": "sinema remote connect client", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc comfort", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc basic", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.41" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.32" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.310" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.31" }, { "model": "simatic wincc upd4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.29" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.28" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.21" }, { "model": "simatic wincc upd4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc upd11", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc sp3", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic winac rtx f sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2010" }, { "model": "simatic winac rtx sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2010" }, { "model": "simatic step tia portal sp1 upd1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7v13" }, { "model": "simatic step tia portal sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7v13" }, { "model": "simatic step tia portal", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7v13" }, { "model": "simatic step tia portal", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7v12" }, { "model": "simatic step sp4 hf4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp3 hf10", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp3", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp2 hf7", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp1 hf2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic pcs sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77" }, { "model": "simatic net pc-software sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc-software hf1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc-software", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc-software sp2 hf3", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic net pc-software", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic it production suite", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "security configuration tool", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "primary setup tool", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "telecontrol server basic sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "3.0" }, { "model": "sinema server sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc comfort", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc basic", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc advanced", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc sp3 upd", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.08" }, { "model": "simatic wincc sp2 upd", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.012" }, { "model": "simatic step tia portal", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7v14" }, { "model": "simatic net pc-software", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "primary setup tool", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "security configuration tool", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic it production suite", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic net pc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic step 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic step 7 tia portal", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic winac rtx 2010", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic winac rtx f 2010", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.3" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simit", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinema remote connect", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinema server", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "softnet security client", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "telecontrol basic", "version": "*" } ], "sources": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "BID", "id": "94158" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "CNNVD", "id": "CNNVD-201611-301" }, { "db": "NVD", "id": "CVE-2016-7165" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:primary_setup_tool", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:security_configuration_tool", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_it_production_suite", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_step_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_step_7_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_winac_rtx_2010", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_winac_rtx_f_2010", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simit", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:sinema_remote_connect", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:sinema_server", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:softnet_security_client", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:telecontrol_basic", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-005899" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "WATERSURE and KIANDRA IT", "sources": [ { "db": "BID", "id": "94158" } ], "trust": 0.3 }, "cve": "CVE-2016-7165", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "CVE-2016-7165", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "MULTIPLE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 5.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 1.2, "id": "CNVD-2016-10732", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:L/AC:H/Au:M/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "MULTIPLE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 5.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 1.2, "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:L/AC:H/Au:M/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "VHN-95985", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "HIGH", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 0.5, "id": "CVE-2016-7165", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2016-7165", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2016-7165", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2016-10732", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201611-301", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-95985", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "VULHUB", "id": "VHN-95985" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "CNNVD", "id": "CNNVD-201611-301" }, { "db": "NVD", "id": "CVE-2016-7165" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in Primary Setup Tool (PST) (All versions \u003c V4.2 HF1), SIMATIC IT Production Suite (All versions \u003c V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions \u003c V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2), SIMATIC STEP 7 V5.X (All versions \u003c V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions \u003c V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions \u003c V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions \u003c V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions \u003c V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions \u003c V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions \u003c V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1), SIMIT V9.0 (All versions \u003c V9.0 SP1), SINEMA Remote Connect Client (All versions \u003c V1.0 SP3), SINEMA Server (All versions \u003c V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions \u003c V4.3 HF1), TeleControl Server Basic (All versions \u003c V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path (\"C:\\Program Files\\*\" or the localized equivalent). plural Siemens The product has an installation %PROGRAMFILES% If not using a directory, it is not enclosed in quotes Windows There are vulnerabilities whose privileges are obtained by the search path. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) ,and CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. https://cwe.mitre.org/data/definitions/254.html https://cwe.mitre.org/data/definitions/284.htmlA local user may be able to gain privileges through the Trojan executable. Founded in 1847, Siemens AG of Germany focuses on the fields of electrification, automation and digitization. Siemens is a leader in offshore wind turbine construction, gas turbine and steam turbine power generation, transmission solutions, infrastructure solutions, industrial automation, drive and software solutions, and medical imaging equipment and laboratory diagnostics. There are privilege escalation vulnerabilities in many Siemens products. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC", "sources": [ { "db": "NVD", "id": "CVE-2016-7165" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "BID", "id": "94158" }, { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "VULHUB", "id": "VHN-95985" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2016-7165", "trust": 3.6 }, { "db": "ICS CERT", "id": "ICSA-16-313-02", "trust": 2.8 }, { "db": "SIEMENS", "id": "SSA-701708", "trust": 1.7 }, { "db": "BID", "id": "94158", "trust": 1.4 }, { "db": "CNNVD", "id": "CNNVD-201611-301", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2016-10732", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2016-005899", "trust": 0.8 }, { "db": "IVD", "id": "B4D8EF0B-EEF6-4E09-9B80-86C9B1224D88", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-95985", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "VULHUB", "id": "VHN-95985" }, { "db": "BID", "id": "94158" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "CNNVD", "id": "CNNVD-201611-301" }, { "db": "NVD", "id": "CVE-2016-7165" } ] }, "id": "VAR-201611-0180", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "VULHUB", "id": "VHN-95985" } ], "trust": 1.6015931965384618 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNVD", "id": "CNVD-2016-10732" } ] }, "last_update_date": "2024-11-23T23:05:34.362000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-701708", "trust": 0.8, "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-701708.pdf" }, { "title": "Patch for a number of Siemens products with privilege escalation vulnerability (CNVD-2016-10732)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/83616" }, { "title": "Multiple Siemens Product non-reference Windows Search path vulnerability fixes", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65670" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "CNNVD", "id": "CNNVD-201611-301" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-254", "trust": 1.1 }, { "problemtype": "CWE-284", "trust": 1.1 }, { "problemtype": "CWE-Other", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-95985" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "NVD", "id": "CVE-2016-7165" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.2, "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-313-02" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/94158" }, { "trust": 1.1, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf" }, { "trust": 1.1, "url": "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7165" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7165" }, { "trust": 0.6, "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-701708.pdf" }, { "trust": 0.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-16-313-02" }, { "trust": 0.3, "url": "http://subscriber.communications.siemens.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "VULHUB", "id": "VHN-95985" }, { "db": "BID", "id": "94158" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "CNNVD", "id": "CNNVD-201611-301" }, { "db": "NVD", "id": "CVE-2016-7165" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "VULHUB", "id": "VHN-95985" }, { "db": "BID", "id": "94158" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "CNNVD", "id": "CNNVD-201611-301" }, { "db": "NVD", "id": "CVE-2016-7165" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-11-08T00:00:00", "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "date": "2016-11-08T00:00:00", "db": "CNVD", "id": "CNVD-2016-10732" }, { "date": "2016-11-15T00:00:00", "db": "VULHUB", "id": "VHN-95985" }, { "date": "2016-11-08T00:00:00", "db": "BID", "id": "94158" }, { "date": "2016-11-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "date": "2016-11-16T00:00:00", "db": "CNNVD", "id": "CNNVD-201611-301" }, { "date": "2016-11-15T19:30:02.797000", "db": "NVD", "id": "CVE-2016-7165" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-11-08T00:00:00", "db": "CNVD", "id": "CNVD-2016-10732" }, { "date": "2018-06-15T00:00:00", "db": "VULHUB", "id": "VHN-95985" }, { "date": "2016-11-24T01:08:00", "db": "BID", "id": "94158" }, { "date": "2016-12-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "date": "2019-10-11T00:00:00", "db": "CNNVD", "id": "CNNVD-201611-301" }, { "date": "2024-11-21T02:57:37.740000", "db": "NVD", "id": "CVE-2016-7165" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "BID", "id": "94158" }, { "db": "CNNVD", "id": "CNNVD-201611-301" } ], "trust": 0.9 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Siemens Vulnerability gained in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-005899" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNNVD", "id": "CNNVD-201611-301" } ], "trust": 0.8 } }
var-202205-0677
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC06), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1 UC01), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Upd4), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 21), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 8). A missing printer configuration on the host could allow an authenticated attacker to escape the WinCC Kiosk Mode. Siemens' SIMATIC PCS 7 , SIMATIC WinCC , SIMATIC WinCC Runtime Professional contains an insecure initialization of resources to default values.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and supervisory control (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operator control and monitoring of machines and plants. Siemens SIMATIC WinCC
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202205-0677", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.5" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "17" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic wincc runtime professional", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v7.4" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c=v9.0" }, { "model": "simatic wincc runtime professional", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v16" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v17" }, { "model": "simatic wincc sp2 update", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v7.58" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-36387" }, { "db": "JVNDB", "id": "JVNDB-2022-010187" }, { "db": "NVD", "id": "CVE-2022-24287" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens reported this vulnerability to CISA.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202205-2738" } ], "trust": 0.6 }, "cve": "CVE-2022-24287", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "CVE-2022-24287", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.9, "id": "CNVD-2022-36387", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "VHN-413914", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2022-24287", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2022-24287", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2022-24287", "trust": 1.0, "value": "HIGH" }, { "author": "productcert@siemens.com", "id": "CVE-2022-24287", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2022-24287", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2022-36387", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202205-2738", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-413914", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-36387" }, { "db": "VULHUB", "id": "VHN-413914" }, { "db": "JVNDB", "id": "JVNDB-2022-010187" }, { "db": "CNNVD", "id": "CNNVD-202205-2738" }, { "db": "NVD", "id": "CVE-2022-24287" }, { "db": "NVD", "id": "CVE-2022-24287" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3 UC06), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP1 UC01), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions \u003c V17 Upd4), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 21), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 8). A missing printer configuration on the host could allow an authenticated attacker to escape the WinCC Kiosk Mode. Siemens\u0027 SIMATIC PCS 7 , SIMATIC WinCC , SIMATIC WinCC Runtime Professional contains an insecure initialization of resources to default values.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and supervisory control (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operator control and monitoring of machines and plants. Siemens SIMATIC WinCC", "sources": [ { "db": "NVD", "id": "CVE-2022-24287" }, { "db": "JVNDB", "id": "JVNDB-2022-010187" }, { "db": "CNVD", "id": "CNVD-2022-36387" }, { "db": "VULHUB", "id": "VHN-413914" }, { "db": "VULMON", "id": "CVE-2022-24287" } ], "trust": 2.34 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-24287", "trust": 4.0 }, { "db": "SIEMENS", "id": "SSA-363107", "trust": 3.1 }, { "db": "ICS CERT", "id": "ICSA-22-132-06", "trust": 1.5 }, { "db": "JVN", "id": "JVNVU92977068", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-010187", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2022-36387", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2022.2356", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022051718", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202205-2738", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-413914", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2022-24287", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-36387" }, { "db": "VULHUB", "id": "VHN-413914" }, { "db": "VULMON", "id": "CVE-2022-24287" }, { "db": "JVNDB", "id": "JVNDB-2022-010187" }, { "db": "CNNVD", "id": "CNNVD-202205-2738" }, { "db": "NVD", "id": "CVE-2022-24287" } ] }, "id": "VAR-202205-0677", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2022-36387" }, { "db": "VULHUB", "id": "VHN-413914" } ], "trust": 1.390281485 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-36387" } ] }, "last_update_date": "2024-11-23T21:50:30.100000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Siemens SIMATIC WinCC Kiosk Mode Improper Initialization Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/332571" }, { "title": "Siemens SIMATIC WinCC Security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=245484" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-36387" }, { "db": "CNNVD", "id": "CNNVD-202205-2738" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-1188", "trust": 1.0 }, { "problemtype": "Initializing Resources to Unsafe Default Values (CWE-1188) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-010187" }, { "db": "NVD", "id": "CVE-2022-24287" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-363107.pdf" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu92977068/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-24287" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-132-06" }, { "trust": 0.6, "url": "https://cert-portal.siemens.com/productcert/html/ssa-363107.html" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-wincc-user-access-via-kiosk-mode-38295" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-132-06" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022051718" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-24287/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.2356" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-06" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2022-36387" }, { "db": "VULHUB", "id": "VHN-413914" }, { "db": "VULMON", "id": "CVE-2022-24287" }, { "db": "JVNDB", "id": "JVNDB-2022-010187" }, { "db": "CNNVD", "id": "CNNVD-202205-2738" }, { "db": "NVD", "id": "CVE-2022-24287" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2022-36387" }, { "db": "VULHUB", "id": "VHN-413914" }, { "db": "VULMON", "id": "CVE-2022-24287" }, { "db": "JVNDB", "id": "JVNDB-2022-010187" }, { "db": "CNNVD", "id": "CNNVD-202205-2738" }, { "db": "NVD", "id": "CVE-2022-24287" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-05-12T00:00:00", "db": "CNVD", "id": "CNVD-2022-36387" }, { "date": "2022-05-20T00:00:00", "db": "VULHUB", "id": "VHN-413914" }, { "date": "2023-08-10T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-010187" }, { "date": "2022-05-10T00:00:00", "db": "CNNVD", "id": "CNNVD-202205-2738" }, { "date": "2022-05-20T13:15:14.680000", "db": "NVD", "id": "CVE-2022-24287" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-05-11T00:00:00", "db": "CNVD", "id": "CNVD-2022-36387" }, { "date": "2022-06-14T00:00:00", "db": "VULHUB", "id": "VHN-413914" }, { "date": "2023-08-10T08:26:00", "db": "JVNDB", "id": "JVNDB-2022-010187" }, { "date": "2023-07-12T00:00:00", "db": "CNNVD", "id": "CNNVD-202205-2738" }, { "date": "2024-11-21T06:50:05.667000", "db": "NVD", "id": "CVE-2022-24287" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202205-2738" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Insecure initialization of resources to default values \u200b\u200bin multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-010187" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202205-2738" } ], "trust": 0.6 } }
var-202402-1390
Vulnerability from variot
A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain unorganized RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server. openpcs 7 , SIMATIC BATCH , SIMATIC PCS 7 For multiple Siemens products, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components. SIMATIC WinCC is a supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operator control and monitoring of machines and plants
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202402-1390", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc runtime professional", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "18" }, { "model": "openpcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic route control", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.5" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "19" }, { "model": "simatic batch", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic batch", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic route control", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "openpcs 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.1" }, { "model": "openpcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "79.1" }, { "model": "simatic batch", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "9.1" }, { "model": "simatic route control", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v18" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v19" }, { "model": "simatic wincc sp2 update", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "7.515" }, { "model": "simatic wincc sp4", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "8.0" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09315" }, { "db": "JVNDB", "id": "JVNDB-2023-027390" }, { "db": "NVD", "id": "CVE-2023-48363" } ] }, "cve": "CVE-2023-48363", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "CNVD-2024-09315", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "id": "CVE-2023-48363", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 6.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2023-48363", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2023-48363", "trust": 1.0, "value": "MEDIUM" }, { "author": "productcert@siemens.com", "id": "CVE-2023-48363", "trust": 1.0, "value": "High" }, { "author": "NVD", "id": "CVE-2023-48363", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2024-09315", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09315" }, { "db": "JVNDB", "id": "JVNDB-2023-027390" }, { "db": "NVD", "id": "CVE-2023-48363" }, { "db": "NVD", "id": "CVE-2023-48363" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in OpenPCS 7 V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions \u003c V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions \u003c V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions \u003c V8.0 Update 4). The implementation of the RPC (Remote Procedure call) \r\ncommunication protocol in the affected products do not \r\nproperly handle certain unorganized RPC messages. An \r\nattacker could use this vulnerability to cause a denial of service \r\ncondition in the RPC server. openpcs 7 , SIMATIC BATCH , SIMATIC PCS 7 For multiple Siemens products, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components. SIMATIC WinCC is a supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operator control and monitoring of machines and plants", "sources": [ { "db": "NVD", "id": "CVE-2023-48363" }, { "db": "JVNDB", "id": "JVNDB-2023-027390" }, { "db": "CNVD", "id": "CNVD-2024-09315" }, { "db": "VULMON", "id": "CVE-2023-48363" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-48363", "trust": 3.3 }, { "db": "SIEMENS", "id": "SSA-753746", "trust": 2.5 }, { "db": "ICS CERT", "id": "ICSA-24-046-12", "trust": 0.9 }, { "db": "JVN", "id": "JVNVU91198149", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU94620134", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2023-027390", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2024-09315", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2023-48363", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09315" }, { "db": "VULMON", "id": "CVE-2023-48363" }, { "db": "JVNDB", "id": "JVNDB-2023-027390" }, { "db": "NVD", "id": "CVE-2023-48363" } ] }, "id": "VAR-202402-1390", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2024-09315" } ], "trust": 1.295444247142857 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09315" } ] }, "last_update_date": "2024-10-24T21:07:58.957000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Null pointer dereference vulnerabilities in multiple Siemens products", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/526511" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09315" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-476", "trust": 1.0 }, { "problemtype": "NULL Pointer dereference (CWE-476) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-027390" }, { "db": "NVD", "id": "CVE-2023-48363" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://cert-portal.siemens.com/productcert/html/ssa-753746.html" }, { "trust": 0.9, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-12" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu91198149/" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu94620134/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-48363" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/476.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09315" }, { "db": "VULMON", "id": "CVE-2023-48363" }, { "db": "JVNDB", "id": "JVNDB-2023-027390" }, { "db": "NVD", "id": "CVE-2023-48363" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2024-09315" }, { "db": "VULMON", "id": "CVE-2023-48363" }, { "db": "JVNDB", "id": "JVNDB-2023-027390" }, { "db": "NVD", "id": "CVE-2023-48363" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-02-23T00:00:00", "db": "CNVD", "id": "CNVD-2024-09315" }, { "date": "2024-02-13T00:00:00", "db": "VULMON", "id": "CVE-2023-48363" }, { "date": "2024-10-21T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-027390" }, { "date": "2024-02-13T09:15:45.763000", "db": "NVD", "id": "CVE-2023-48363" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-02-21T00:00:00", "db": "CNVD", "id": "CNVD-2024-09315" }, { "date": "2024-02-13T00:00:00", "db": "VULMON", "id": "CVE-2023-48363" }, { "date": "2024-10-21T00:55:00", "db": "JVNDB", "id": "JVNDB-2023-027390" }, { "date": "2024-10-18T17:26:54.187000", "db": "NVD", "id": "CVE-2023-48363" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "in multiple Siemens products \u00a0NULL\u00a0 Pointer dereference vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-027390" } ], "trust": 0.8 } }
var-201905-1321
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The Siemens SIMATIC PCS 7 and SIMATIC WinCC input validation error vulnerability stems from a network system or product that does not properly validate the input data, and an authenticated attacker can exploit the vulnerability to execute arbitrary commands with SYSTEM privileges. Siemens SIMATIC products are prone to following security vulnerabilities: 1. A denial-of-service vulnerability 2. An SQL injection vulnerability3. 3. An arbitrary command execution Exploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. The following Siemens SIMATIC products are affected: SIMATIC PCS 7 version 8.0 and prior SIMATIC PCS 7 version 8.1 SIMATIC PCS 7 version 8.2 SIMATIC PCS 7 version 9.0 SIMATIC WinCC (TIA Portal) version 13 SIMATIC WinCC (TIA Portal) version 14 SIMATIC WinCC (TIA Portal) version 15 SIMATIC WinCC Runtime Professional, all version SIMATIC WinCC version 7.2 and prior SIMATIC WinCC version 7.3 SIMATIC WinCC version 7.4 SIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201905-1321", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc runtime professional", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.5" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "13.0" }, { "model": "simatic wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.1" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "v14" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "v15" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.1.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.3.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.5 upd3" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "13.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "14.x" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.5" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "8.0 and earlier" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.2.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.4.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "15.x" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "7.2 and earlier" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "9.0.x" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c=v8.0" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v7.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.3" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "simatic wincc upd3", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.5.*\u003cv7.5" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "6.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "79.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77" }, { "model": "simatic wincc update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.53" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.3" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.5" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "13.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "14.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "15.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime professional", "version": "*" } ], "sources": [ { "db": "IVD", "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7" }, { "db": "CNVD", "id": "CNVD-2019-14940" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004568" }, { "db": "NVD", "id": "CVE-2019-10918" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004568" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vladimir Dashchenko and Sergey Temnikov from Kaspersky Lab,ChengBin Wang from ZheJiang Guoli Security Technology, and ChengBin Wang from Guoli Security Technology reported these vulnerabilities to Siemens., CNCERT/CC", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-592" } ], "trust": 0.6 }, "cve": "CVE-2019-10918", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.0, "id": "CVE-2019-10918", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 1.9, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.0, "id": "CNVD-2019-14940", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.0, "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.0, "id": "VHN-142512", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2019-10918", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2019-10918", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-10918", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2019-10918", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2019-14940", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201905-592", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-142512", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2019-10918", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7" }, { "db": "CNVD", "id": "CNVD-2019-14940" }, { "db": "VULHUB", "id": "VHN-142512" }, { "db": "VULMON", "id": "CVE-2019-10918" }, { "db": "JVNDB", "id": "JVNDB-2019-004568" }, { "db": "CNNVD", "id": "CNNVD-201905-592" }, { "db": "NVD", "id": "CVE-2019-10918" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions \u003c V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd 3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The Siemens SIMATIC PCS 7 and SIMATIC WinCC input validation error vulnerability stems from a network system or product that does not properly validate the input data, and an authenticated attacker can exploit the vulnerability to execute arbitrary commands with SYSTEM privileges. Siemens SIMATIC products are prone to following security vulnerabilities:\n1. A denial-of-service vulnerability\n2. An SQL injection vulnerability3. \n3. An arbitrary command execution\nExploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. \nThe following Siemens SIMATIC products are affected:\nSIMATIC PCS 7 version 8.0 and prior\nSIMATIC PCS 7 version 8.1\nSIMATIC PCS 7 version 8.2\nSIMATIC PCS 7 version 9.0\nSIMATIC WinCC (TIA Portal) version 13\nSIMATIC WinCC (TIA Portal) version 14\nSIMATIC WinCC (TIA Portal) version 15\nSIMATIC WinCC Runtime Professional, all version\nSIMATIC WinCC version 7.2 and prior\nSIMATIC WinCC version 7.3\nSIMATIC WinCC version 7.4\nSIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3", "sources": [ { "db": "NVD", "id": "CVE-2019-10918" }, { "db": "JVNDB", "id": "JVNDB-2019-004568" }, { "db": "CNVD", "id": "CNVD-2019-14940" }, { "db": "BID", "id": "108404" }, { "db": "IVD", "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7" }, { "db": "VULHUB", "id": "VHN-142512" }, { "db": "VULMON", "id": "CVE-2019-10918" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-10918", "trust": 3.7 }, { "db": "ICS CERT", "id": "ICSA-19-134-08", "trust": 3.5 }, { "db": "SIEMENS", "id": "SSA-697412", "trust": 1.8 }, { "db": "BID", "id": "108404", "trust": 1.0 }, { "db": "CNNVD", "id": "CNNVD-201905-592", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2019-14940", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-004568", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-19-134-02", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.1716.2", "trust": 0.6 }, { "db": "IVD", "id": "63A18FD7-D96A-4DF7-A648-6F834337CFC7", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-142512", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2019-10918", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7" }, { "db": "CNVD", "id": "CNVD-2019-14940" }, { "db": "VULHUB", "id": "VHN-142512" }, { "db": "VULMON", "id": "CVE-2019-10918" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004568" }, { "db": "CNNVD", "id": "CNNVD-201905-592" }, { "db": "NVD", "id": "CVE-2019-10918" } ] }, "id": "VAR-201905-1321", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7" }, { "db": "CNVD", "id": "CNVD-2019-14940" }, { "db": "VULHUB", "id": "VHN-142512" } ], "trust": 1.5496564849999999 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7" }, { "db": "CNVD", "id": "CNVD-2019-14940" } ] }, "last_update_date": "2024-11-23T21:37:16.574000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-697412", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf" }, { "title": "Siemens SIMATIC PCS 7 and SIMATIC WinCC input patches for verification error vulnerabilities", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/161829" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=8ee2a5f6493c2fed7b0aee2edd85e1cb" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-14940" }, { "db": "VULMON", "id": "CVE-2019-10918" }, { "db": "JVNDB", "id": "JVNDB-2019-004568" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 }, { "problemtype": "CWE-749", "trust": 1.0 }, { "problemtype": "CWE-20", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-142512" }, { "db": "JVNDB", "id": "JVNDB-2019-004568" }, { "db": "NVD", "id": "CVE-2019-10918" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-08" }, { "trust": 1.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf" }, { "trust": 1.6, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-08" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10918" }, { "trust": 1.3, "url": "http://www.securityfocus.com/bid/108404" }, { "trust": 0.9, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10918" }, { "trust": 0.6, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/80946" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29286" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/20.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-14940" }, { "db": "VULHUB", "id": "VHN-142512" }, { "db": "VULMON", "id": "CVE-2019-10918" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004568" }, { "db": "CNNVD", "id": "CNNVD-201905-592" }, { "db": "NVD", "id": "CVE-2019-10918" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7" }, { "db": "CNVD", "id": "CNVD-2019-14940" }, { "db": "VULHUB", "id": "VHN-142512" }, { "db": "VULMON", "id": "CVE-2019-10918" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004568" }, { "db": "CNNVD", "id": "CNNVD-201905-592" }, { "db": "NVD", "id": "CVE-2019-10918" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-21T00:00:00", "db": "IVD", "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7" }, { "date": "2019-05-21T00:00:00", "db": "CNVD", "id": "CNVD-2019-14940" }, { "date": "2019-05-14T00:00:00", "db": "VULHUB", "id": "VHN-142512" }, { "date": "2019-05-14T00:00:00", "db": "VULMON", "id": "CVE-2019-10918" }, { "date": "2019-05-14T00:00:00", "db": "BID", "id": "108404" }, { "date": "2019-06-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004568" }, { "date": "2019-05-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-592" }, { "date": "2019-05-14T20:29:02.483000", "db": "NVD", "id": "CVE-2019-10918" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-21T00:00:00", "db": "CNVD", "id": "CNVD-2019-14940" }, { "date": "2019-10-10T00:00:00", "db": "VULHUB", "id": "VHN-142512" }, { "date": "2019-10-10T00:00:00", "db": "VULMON", "id": "CVE-2019-10918" }, { "date": "2019-05-22T06:00:00", "db": "BID", "id": "108404" }, { "date": "2019-07-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004568" }, { "date": "2021-10-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-592" }, { "date": "2024-11-21T04:20:08.927000", "db": "NVD", "id": "CVE-2019-10918" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-592" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural SIMATIC Vulnerability related to input validation in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004568" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-592" } ], "trust": 0.6 } }
var-201905-0114
Vulnerability from variot
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known. plural SIMATIC The product contains cryptographic vulnerabilities.Information may be obtained. Multiple Siemens Products are prone to following security vulnerabilities: 1. An information-disclosure vulnerability 2. A cross-site-scripting vulnerability 3. A security vulnerability An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC, etc. are all products of Siemens (Siemens) in Germany. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Siemens SIMATIC HMI Comfort Panels is a touch panel device. Siemens SIMATIC HMI Comfort Outdoor Panels is a touch panel device specially designed for outdoor use
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201905-0114", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic hmi comfort outdoor panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc runtime", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc \\", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi mp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi comfort panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi op", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi tp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi comfort outdoor panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi comfort panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime advanced", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v15.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v15" }, { "model": "simatic hmi ktp mobile panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic hmi comfort outdoor panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi comfort outdoor panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic hmi classic devices", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc runtime professional update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "v15.11" }, { "model": "simatic wincc runtime advanced update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "15.11" }, { "model": "simatic wincc update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "v15.11" }, { "model": "simatic hmi ktp mobile update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "15.11" }, { "model": "simatic hmi comfort panels update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "15.11" }, { "model": "simatic hmi comfort outdoor panels update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "15.11" } ], "sources": [ { "db": "BID", "id": "108412" }, { "db": "JVNDB", "id": "JVNDB-2019-004633" }, { "db": "NVD", "id": "CVE-2019-6576" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_outdoor_panels_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004633" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens ProductCERT reported these vulnerabilities to NCCIC.,Siemens ProductCERT", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-589" } ], "trust": 0.6 }, "cve": "CVE-2019-6576", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2019-6576", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-158011", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "id": "CVE-2019-6576", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-6576", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2019-6576", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-201905-589", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-158011", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-158011" }, { "db": "JVNDB", "id": "JVNDB-2019-004633" }, { "db": "CNNVD", "id": "CNNVD-201905-589" }, { "db": "NVD", "id": "CVE-2019-6576" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known. plural SIMATIC The product contains cryptographic vulnerabilities.Information may be obtained. Multiple Siemens Products are prone to following security vulnerabilities:\n1. An information-disclosure vulnerability\n2. A cross-site-scripting vulnerability\n3. A security vulnerability\nAn attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC, etc. are all products of Siemens (Siemens) in Germany. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Siemens SIMATIC HMI Comfort Panels is a touch panel device. Siemens SIMATIC HMI Comfort Outdoor Panels is a touch panel device specially designed for outdoor use", "sources": [ { "db": "NVD", "id": "CVE-2019-6576" }, { "db": "JVNDB", "id": "JVNDB-2019-004633" }, { "db": "BID", "id": "108412" }, { "db": "VULHUB", "id": "VHN-158011" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "ICS CERT", "id": "ICSA-19-134-09", "trust": 2.8 }, { "db": "NVD", "id": "CVE-2019-6576", "trust": 2.8 }, { "db": "BID", "id": "108412", "trust": 2.0 }, { "db": "SIEMENS", "id": "SSA-804486", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2019-004633", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201905-589", "trust": 0.7 }, { "db": "ICS CERT", "id": "ICSA-19-134-02", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.1716.2", "trust": 0.6 }, { "db": "CNVD", "id": "CNVD-2021-54366", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-158011", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-158011" }, { "db": "BID", "id": "108412" }, { "db": "JVNDB", "id": "JVNDB-2019-004633" }, { "db": "CNNVD", "id": "CNNVD-201905-589" }, { "db": "NVD", "id": "CVE-2019-6576" } ] }, "id": "VAR-201905-0114", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-158011" } ], "trust": 0.7545892989999999 }, "last_update_date": "2024-11-23T21:37:16.690000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-804486", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf" }, { "title": "Siemens SIMATIC Panels and WinCC Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92739" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004633" }, { "db": "CNNVD", "id": "CNNVD-201905-589" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-310", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-158011" }, { "db": "JVNDB", "id": "JVNDB-2019-004633" }, { "db": "NVD", "id": "CVE-2019-6576" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "http://www.securityfocus.com/bid/108412" }, { "trust": 1.9, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-09" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6576" }, { "trust": 0.9, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.9, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-09" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6576" }, { "trust": 0.6, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29288" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/80946" } ], "sources": [ { "db": "VULHUB", "id": "VHN-158011" }, { "db": "BID", "id": "108412" }, { "db": "JVNDB", "id": "JVNDB-2019-004633" }, { "db": "CNNVD", "id": "CNNVD-201905-589" }, { "db": "NVD", "id": "CVE-2019-6576" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-158011" }, { "db": "BID", "id": "108412" }, { "db": "JVNDB", "id": "JVNDB-2019-004633" }, { "db": "CNNVD", "id": "CNNVD-201905-589" }, { "db": "NVD", "id": "CVE-2019-6576" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-14T00:00:00", "db": "VULHUB", "id": "VHN-158011" }, { "date": "2019-05-14T00:00:00", "db": "BID", "id": "108412" }, { "date": "2019-06-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004633" }, { "date": "2019-05-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-589" }, { "date": "2019-05-14T20:29:04.560000", "db": "NVD", "id": "CVE-2019-6576" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-22T00:00:00", "db": "VULHUB", "id": "VHN-158011" }, { "date": "2019-05-14T00:00:00", "db": "BID", "id": "108412" }, { "date": "2019-07-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004633" }, { "date": "2019-06-20T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-589" }, { "date": "2024-11-21T04:46:44.130000", "db": "NVD", "id": "CVE-2019-6576" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-589" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural SIMATIC Cryptographic vulnerabilities in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004633" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "encryption problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-589" } ], "trust": 0.6 } }
var-202006-1828
Vulnerability from variot
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges. plural SIMATIC The product contains vulnerabilities in unquoted search paths or elements.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Opera Software, Opera, etc. are all products of Opera Software in Norway. Opera is a web browser, Siemens SIMATIC S7-1500, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 is a programmable logic controller. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Code issue vulnerabilities exist in several products. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1828", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs neo", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic prosave", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.5" }, { "model": "simatic automatic tool", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc runtime professional", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "13" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinamics starter commissioning tool", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc open architecture", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "3.17" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic net pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic net pc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic step 7", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime professional", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "sinec network management system", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic step 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "sinema server", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic step 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.6" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "sinamics startdrive", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinumerik one virtual", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinumerik operate", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc open architecture", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "3.16" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic s7-1500 software controller", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "21.8" }, { "model": "simatic step 7", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.6" }, { "model": "simatic automation tool", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic net pc software", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic pcs neo", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic prosave", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic step 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc oa", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime advanced", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "NVD", "id": "CVE-2020-7580" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_automation_tool", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_neo", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_prosave", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_step_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_open_architecture", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-006496" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Ander Martinez of Titanium Industrial Security and INCIBE reported this vulnerability to Siemens.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202006-636" } ], "trust": 0.6 }, "cve": "CVE-2020-7580", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.9, "id": "CVE-2020-7580", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 1.1, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Local", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 7.2, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "JVNDB-2020-006496", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.9, "id": "VHN-185705", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 0.8, "id": "CVE-2020-7580", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 6.7, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2020-006496", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "High", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2020-7580", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "JVNDB-2020-006496", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-202006-636", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-185705", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2020-7580", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-185705" }, { "db": "VULMON", "id": "CVE-2020-7580" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "CNNVD", "id": "CNNVD-202006-636" }, { "db": "NVD", "id": "CVE-2020-7580" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC Automation Tool (All versions \u003c V4 SP2), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Upd3), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC ProSave (All versions \u003c V17), SIMATIC S7-1500 Software Controller (All versions \u003c V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMATIC STEP 7 V5 (All versions \u003c V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions \u003c V3.16 P018), SIMATIC WinCC OA V3.17 (All versions \u003c V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions \u003c V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions \u003c V16 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 3), SINAMICS STARTER (All Versions \u003c V5.4 HF2), SINAMICS Startdrive (All Versions \u003c V16 Update 3), SINEC NMS (All versions \u003c V1.0 SP2), SINEMA Server (All versions \u003c V14 SP3), SINUMERIK ONE virtual (All Versions \u003c V6.14), SINUMERIK Operate (All Versions \u003c V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges. plural SIMATIC The product contains vulnerabilities in unquoted search paths or elements.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Opera Software, Opera, etc. are all products of Opera Software in Norway. Opera is a web browser, Siemens SIMATIC S7-1500, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 is a programmable logic controller. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Code issue vulnerabilities exist in several products. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products", "sources": [ { "db": "NVD", "id": "CVE-2020-7580" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "VULHUB", "id": "VHN-185705" }, { "db": "VULMON", "id": "CVE-2020-7580" } ], "trust": 1.8 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-7580", "trust": 2.6 }, { "db": "ICS CERT", "id": "ICSA-20-161-04", "trust": 2.6 }, { "db": "SIEMENS", "id": "SSA-312271", "trust": 1.8 }, { "db": "JVN", "id": "JVNVU97501786", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2020-006496", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202006-636", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2020.2015", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-185705", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2020-7580", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-185705" }, { "db": "VULMON", "id": "CVE-2020-7580" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "CNNVD", "id": "CNNVD-202006-636" }, { "db": "NVD", "id": "CVE-2020-7580" } ] }, "id": "VAR-202006-1828", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-185705" } ], "trust": 0.6991104690909089 }, "last_update_date": "2024-11-23T20:22:32.187000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-312271:Unquoted Search Path Vulnerabilities in Windows-based Industrial Software Applications", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf" }, { "title": "Multiple Siemens Product code issue vulnerability fixes", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=121186" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=9c51f352314e5a42566d9203d2f1e0a2" } ], "sources": [ { "db": "VULMON", "id": "CVE-2020-7580" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "CNNVD", "id": "CNNVD-202006-636" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-428", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-185705" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "NVD", "id": "CVE-2020-7580" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.2, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04" }, { "trust": 1.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7580" }, { "trust": 1.2, "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-04" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7580" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu97501786/" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-code-execution-via-windows-exe-extension-32489" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.2015/" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/428.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-20-161-04" } ], "sources": [ { "db": "VULHUB", "id": "VHN-185705" }, { "db": "VULMON", "id": "CVE-2020-7580" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "CNNVD", "id": "CNNVD-202006-636" }, { "db": "NVD", "id": "CVE-2020-7580" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-185705" }, { "db": "VULMON", "id": "CVE-2020-7580" }, { "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "db": "CNNVD", "id": "CNNVD-202006-636" }, { "db": "NVD", "id": "CVE-2020-7580" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-06-10T00:00:00", "db": "VULHUB", "id": "VHN-185705" }, { "date": "2020-06-10T00:00:00", "db": "VULMON", "id": "CVE-2020-7580" }, { "date": "2020-07-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "date": "2020-06-09T00:00:00", "db": "CNNVD", "id": "CNNVD-202006-636" }, { "date": "2020-06-10T17:15:12.347000", "db": "NVD", "id": "CVE-2020-7580" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-12-13T00:00:00", "db": "VULHUB", "id": "VHN-185705" }, { "date": "2022-04-12T00:00:00", "db": "VULMON", "id": "CVE-2020-7580" }, { "date": "2020-07-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-006496" }, { "date": "2022-12-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202006-636" }, { "date": "2024-11-21T05:37:24.840000", "db": "NVD", "id": "CVE-2020-7580" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202006-636" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural SIMATIC Vulnerabilities in unquoted search paths or elements in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-006496" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-202006-636" } ], "trust": 0.6 } }
var-201905-1324
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with local access to the project file could cause a Denial-of-Service condition on the affected product while the project file is loaded. Successful exploitation requires access to the project file. An attacker could use the vulnerability to compromise availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An input validation error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC that originated from a network system or product that did not properly validate the entered data. service. Siemens SIMATIC products are prone to following security vulnerabilities: 1. A denial-of-service vulnerability 2. An SQL injection vulnerability3. 3. An arbitrary command execution Exploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. The following Siemens SIMATIC products are affected: SIMATIC PCS 7 version 8.0 and prior SIMATIC PCS 7 version 8.1 SIMATIC PCS 7 version 8.2 SIMATIC PCS 7 version 9.0 SIMATIC WinCC (TIA Portal) version 13 SIMATIC WinCC (TIA Portal) version 14 SIMATIC WinCC (TIA Portal) version 15 SIMATIC WinCC Runtime Professional, all version SIMATIC WinCC version 7.2 and prior SIMATIC WinCC version 7.3 SIMATIC WinCC version 7.4 SIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201905-1324", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc runtime professional", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.5" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "13.0" }, { "model": "simatic wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.1" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "v14" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "v15" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.1.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.3.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.5 upd3" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "13.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "14.x" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.5" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "8.0 and earlier" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.2.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.4.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "15.x" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "7.2 and earlier" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "9.0.x" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.1" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=7.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.3" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "simatic wincc upd3", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.5.*\u003cv7.5" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "6.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "79.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77" }, { "model": "simatic wincc update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.53" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.3" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.5" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "13.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "14.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "15.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime professional", "version": "*" } ], "sources": [ { "db": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6" }, { "db": "CNVD", "id": "CNVD-2019-14939" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004567" }, { "db": "NVD", "id": "CVE-2019-10917" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004567" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vladimir Dashchenko and Sergey Temnikov from Kaspersky Lab, and ChengBin Wang from Guoli Security Technology, and ChengBin Wang from Guoli Security Technology reported these vulnerabilities to Siemens., CNCERT/CC", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-595" } ], "trust": 0.6 }, "cve": "CVE-2019-10917", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2019-10917", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 1.8, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CNVD-2019-14939", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 0.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 0.2, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "VHN-142511", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 1.8, "id": "CVE-2019-10917", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 5.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2019-10917", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-10917", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2019-10917", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2019-14939", "trust": 0.6, "value": "LOW" }, { "author": "CNNVD", "id": "CNNVD-201905-595", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-142511", "trust": 0.1, "value": "LOW" } ] } ], "sources": [ { "db": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6" }, { "db": "CNVD", "id": "CNVD-2019-14939" }, { "db": "VULHUB", "id": "VHN-142511" }, { "db": "JVNDB", "id": "JVNDB-2019-004567" }, { "db": "CNNVD", "id": "CNNVD-201905-595" }, { "db": "NVD", "id": "CVE-2019-10917" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions \u003c V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd 3). An attacker with local access to the project file could cause a Denial-of-Service condition on the affected product while the project file is loaded. Successful exploitation requires access to the project file. An attacker could use the vulnerability to compromise availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An input validation error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC that originated from a network system or product that did not properly validate the entered data. service. Siemens SIMATIC products are prone to following security vulnerabilities:\n1. A denial-of-service vulnerability\n2. An SQL injection vulnerability3. \n3. An arbitrary command execution\nExploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. \nThe following Siemens SIMATIC products are affected:\nSIMATIC PCS 7 version 8.0 and prior\nSIMATIC PCS 7 version 8.1\nSIMATIC PCS 7 version 8.2\nSIMATIC PCS 7 version 9.0\nSIMATIC WinCC (TIA Portal) version 13\nSIMATIC WinCC (TIA Portal) version 14\nSIMATIC WinCC (TIA Portal) version 15\nSIMATIC WinCC Runtime Professional, all version\nSIMATIC WinCC version 7.2 and prior\nSIMATIC WinCC version 7.3\nSIMATIC WinCC version 7.4\nSIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3", "sources": [ { "db": "NVD", "id": "CVE-2019-10917" }, { "db": "JVNDB", "id": "JVNDB-2019-004567" }, { "db": "CNVD", "id": "CNVD-2019-14939" }, { "db": "BID", "id": "108404" }, { "db": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6" }, { "db": "VULHUB", "id": "VHN-142511" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-10917", "trust": 3.6 }, { "db": "ICS CERT", "id": "ICSA-19-134-08", "trust": 3.4 }, { "db": "SIEMENS", "id": "SSA-697412", "trust": 1.7 }, { "db": "CNNVD", "id": "CNNVD-201905-595", "trust": 0.9 }, { "db": "BID", "id": "108404", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2019-14939", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-004567", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-19-134-02", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.1716.2", "trust": 0.6 }, { "db": "IVD", "id": "DF80F7D1-C23D-4B6B-A4D2-D114F7117CD6", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-142511", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6" }, { "db": "CNVD", "id": "CNVD-2019-14939" }, { "db": "VULHUB", "id": "VHN-142511" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004567" }, { "db": "CNNVD", "id": "CNNVD-201905-595" }, { "db": "NVD", "id": "CVE-2019-10917" } ] }, "id": "VAR-201905-1324", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6" }, { "db": "CNVD", "id": "CNVD-2019-14939" }, { "db": "VULHUB", "id": "VHN-142511" } ], "trust": 1.5496564849999999 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6" }, { "db": "CNVD", "id": "CNVD-2019-14939" } ] }, "last_update_date": "2024-11-23T21:37:17.536000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-697412", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf" }, { "title": "Patch for Siemens SIMATIC PCS 7 and SIMATIC WinCC Input Validation Error Vulnerability (CNVD-2019-14939)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/161831" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-14939" }, { "db": "JVNDB", "id": "JVNDB-2019-004567" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-755", "trust": 1.1 }, { "problemtype": "CWE-248", "trust": 1.0 }, { "problemtype": "CWE-20", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-142511" }, { "db": "JVNDB", "id": "JVNDB-2019-004567" }, { "db": "NVD", "id": "CVE-2019-10917" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-08" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf" }, { "trust": 1.5, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-08" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10917" }, { "trust": 1.2, "url": "http://www.securityfocus.com/bid/108404" }, { "trust": 0.9, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10917" }, { "trust": 0.6, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/80946" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29286" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-14939" }, { "db": "VULHUB", "id": "VHN-142511" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004567" }, { "db": "CNNVD", "id": "CNNVD-201905-595" }, { "db": "NVD", "id": "CVE-2019-10917" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6" }, { "db": "CNVD", "id": "CNVD-2019-14939" }, { "db": "VULHUB", "id": "VHN-142511" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004567" }, { "db": "CNNVD", "id": "CNNVD-201905-595" }, { "db": "NVD", "id": "CVE-2019-10917" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-21T00:00:00", "db": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6" }, { "date": "2019-05-21T00:00:00", "db": "CNVD", "id": "CNVD-2019-14939" }, { "date": "2019-05-14T00:00:00", "db": "VULHUB", "id": "VHN-142511" }, { "date": "2019-05-14T00:00:00", "db": "BID", "id": "108404" }, { "date": "2019-06-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004567" }, { "date": "2019-05-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-595" }, { "date": "2019-05-14T20:29:02.387000", "db": "NVD", "id": "CVE-2019-10917" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-21T00:00:00", "db": "CNVD", "id": "CNVD-2019-14939" }, { "date": "2021-11-02T00:00:00", "db": "VULHUB", "id": "VHN-142511" }, { "date": "2019-05-22T06:00:00", "db": "BID", "id": "108404" }, { "date": "2019-07-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004567" }, { "date": "2021-11-03T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-595" }, { "date": "2024-11-21T04:20:08.790000", "db": "NVD", "id": "CVE-2019-10917" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-595" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural SIMATIC Vulnerability related to input validation in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004567" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation error", "sources": [ { "db": "IVD", "id": "df80f7d1-c23d-4b6b-a4d2-d114f7117cd6" }, { "db": "BID", "id": "108404" }, { "db": "CNNVD", "id": "CNNVD-201905-595" } ], "trust": 1.1 } }
var-202404-0165
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC04), SIMATIC WinCC Runtime Professional V17 (All versions), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 1), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 16), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5). The affected products do not properly validate the input provided in the login dialog box. An attacker could leverage this vulnerability to cause a persistent denial of service condition. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visualization runtime platform for operators to control and monitor machines and equipment
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202404-0165", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs sp2 uc04", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.1\u003cv9.1" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v17" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v18" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v19" }, { "model": "simatic wincc sp2 update", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.5\u003cv7.516" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.0" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-17302" } ] }, "cve": "CVE-2023-50821", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CNVD-2024-17302", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "productcert@siemens.com", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.5, "id": "CVE-2023-50821", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } ], "severity": [ { "author": "productcert@siemens.com", "id": "CVE-2023-50821", "trust": 1.0, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2024-17302", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-17302" }, { "db": "NVD", "id": "CVE-2023-50821" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP2 UC04), SIMATIC WinCC Runtime Professional V17 (All versions), SIMATIC WinCC Runtime Professional V18 (All versions \u003c V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions \u003c V19 Update 1), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 16), SIMATIC WinCC V8.0 (All versions \u003c V8.0 Update 5). The affected products do not properly validate the input provided in the login dialog box. An attacker could leverage this vulnerability to cause a persistent denial of service condition. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visualization runtime platform for operators to control and monitor machines and equipment", "sources": [ { "db": "NVD", "id": "CVE-2023-50821" }, { "db": "CNVD", "id": "CNVD-2024-17302" } ], "trust": 1.44 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "SIEMENS", "id": "SSA-730482", "trust": 1.6 }, { "db": "NVD", "id": "CVE-2023-50821", "trust": 1.6 }, { "db": "CNVD", "id": "CNVD-2024-17302", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-17302" }, { "db": "NVD", "id": "CVE-2023-50821" } ] }, "id": "VAR-202404-0165", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2024-17302" } ], "trust": 1.3067591266666667 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-17302" } ] }, "last_update_date": "2024-08-14T15:15:30.302000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Siemens SIMATIC WinCC Denial of Service Vulnerability (CNVD-2024-17302)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/540266" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-17302" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-120", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2023-50821" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.6, "url": "https://cert-portal.siemens.com/productcert/html/ssa-730482.html" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-17302" }, { "db": "NVD", "id": "CVE-2023-50821" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2024-17302" }, { "db": "NVD", "id": "CVE-2023-50821" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-04-10T00:00:00", "db": "CNVD", "id": "CNVD-2024-17302" }, { "date": "2024-04-09T09:15:21.270000", "db": "NVD", "id": "CVE-2023-50821" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-04-10T00:00:00", "db": "CNVD", "id": "CNVD-2024-17302" }, { "date": "2024-07-09T12:15:10.570000", "db": "NVD", "id": "CVE-2023-50821" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC WinCC Denial of Service Vulnerability (CNVD-2024-17302)", "sources": [ { "db": "CNVD", "id": "CNVD-2024-17302" } ], "trust": 0.6 } }
var-201812-0345
Vulnerability from variot
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V14), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V14), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V14), SIMATIC WinCC Runtime Advanced (All versions < V14), SIMATIC WinCC Runtime Professional (All versions < V14), SIMATIC WinCC (TIA Portal) (All versions < V14), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server (port 80/tcp and port 443/tcp) of the affected devices could allow an attacker to inject HTTP headers. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC Panels and SIMATIC WinCC (TIA Portal) are products of Siemens AG, Germany. Siemens SIMATIC Panels is a human interface panel. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. A code injection vulnerability exists in Siemens SIMATIC Panels and SIMATIC WinCC (TIA Portal), which can be exploited by an attacker to inject HTTP headers with malicious links. Multiple Siemens Products are prone to an HTTP header-injection vulnerability because it fails to sufficiently sanitize user input. This may aid in further attacks
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201812-0345", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic hmi ktp mobile panels ktp900", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic hmi mp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi op", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic wincc \\", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic hmi comfort outdoor panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic wincc runtime", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic hmi tp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi comfort panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic hmi comfort outdoor panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi comfort panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime advanced", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi comfort panels 4\" 22\"", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "-\u003c14" }, { "model": "simatic hmi comfort outdoor panels 7\\\" and 15\\\"", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "14" }, { "model": "simatic hmi ktp mobile panels", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime advanced", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime professional", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "14" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic wincc runtime", "version": "*" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v120" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v110" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v10" }, { "model": "simatic hmi ktp mobile panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "22" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi comfort outdoor panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi classic devices", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc runtime professional", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime advanced", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "v14" }, { "model": "simatic wincc", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "v14" }, { "model": "simatic hmi ktp mobile panels update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "154" }, { "model": "simatic hmi comfort panels", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi comfort panels", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi mp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi op", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi comfort outdoor panels", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp400f", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp700", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp700f", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp900", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp900f", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi tp", "version": "*" } ], "sources": [ { "db": "IVD", "id": "7d80ae62-463f-11e9-b905-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-25432" }, { "db": "BID", "id": "105931" }, { "db": "JVNDB", "id": "JVNDB-2018-014527" }, { "db": "NVD", "id": "CVE-2018-13814" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_outdoor_panels_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-014527" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The vendor reported this issue.", "sources": [ { "db": "BID", "id": "105931" } ], "trust": 0.3 }, "cve": "CVE-2018-13814", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2018-13814", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2018-25432", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "7d80ae62-463f-11e9-b905-000c29342cb1", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-123911", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2018-13814", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2018-13814", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2018-13814", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2018-25432", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201811-488", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "7d80ae62-463f-11e9-b905-000c29342cb1", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-123911", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "7d80ae62-463f-11e9-b905-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-25432" }, { "db": "VULHUB", "id": "VHN-123911" }, { "db": "JVNDB", "id": "JVNDB-2018-014527" }, { "db": "CNNVD", "id": "CNNVD-201811-488" }, { "db": "NVD", "id": "CVE-2018-13814" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V14), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V14), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V14), SIMATIC WinCC Runtime Advanced (All versions \u003c V14), SIMATIC WinCC Runtime Professional (All versions \u003c V14), SIMATIC WinCC (TIA Portal) (All versions \u003c V14), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server (port 80/tcp and port 443/tcp) of the affected devices could allow an attacker to inject HTTP headers. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC Panels and SIMATIC WinCC (TIA Portal) are products of Siemens AG, Germany. Siemens SIMATIC Panels is a human interface panel. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. A code injection vulnerability exists in Siemens SIMATIC Panels and SIMATIC WinCC (TIA Portal), which can be exploited by an attacker to inject HTTP headers with malicious links. Multiple Siemens Products are prone to an HTTP header-injection vulnerability because it fails to sufficiently sanitize user input. This may aid in further attacks", "sources": [ { "db": "NVD", "id": "CVE-2018-13814" }, { "db": "JVNDB", "id": "JVNDB-2018-014527" }, { "db": "CNVD", "id": "CNVD-2018-25432" }, { "db": "BID", "id": "105931" }, { "db": "IVD", "id": "7d80ae62-463f-11e9-b905-000c29342cb1" }, { "db": "VULHUB", "id": "VHN-123911" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-13814", "trust": 3.6 }, { "db": "ICS CERT", "id": "ICSA-18-317-03", "trust": 2.3 }, { "db": "BID", "id": "105931", "trust": 2.0 }, { "db": "SIEMENS", "id": "SSA-944083", "trust": 1.7 }, { "db": "CNNVD", "id": "CNNVD-201811-488", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2018-25432", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2018-014527", "trust": 0.8 }, { "db": "IVD", "id": "7D80AE62-463F-11E9-B905-000C29342CB1", "trust": 0.2 }, { "db": "SEEBUG", "id": "SSVID-98853", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-123911", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "7d80ae62-463f-11e9-b905-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-25432" }, { "db": "VULHUB", "id": "VHN-123911" }, { "db": "BID", "id": "105931" }, { "db": "JVNDB", "id": "JVNDB-2018-014527" }, { "db": "CNNVD", "id": "CNNVD-201811-488" }, { "db": "NVD", "id": "CVE-2018-13814" } ] }, "id": "VAR-201812-0345", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "7d80ae62-463f-11e9-b905-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-25432" }, { "db": "VULHUB", "id": "VHN-123911" } ], "trust": 1.53959078625 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "7d80ae62-463f-11e9-b905-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-25432" } ] }, "last_update_date": "2024-11-23T22:34:04.145000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-944083", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944083.pdf" }, { "title": "Patch for Siemens SIMATIC Panels and SIMATIC WinCC code injection vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/147353" }, { "title": "Siemens SIMATIC Panels and SIMATIC WinCC Fixes for code injection vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86889" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-25432" }, { "db": "JVNDB", "id": "JVNDB-2018-014527" }, { "db": "CNNVD", "id": "CNNVD-201811-488" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 }, { "problemtype": "CWE-113", "trust": 1.0 } ], "sources": [ { "db": "VULHUB", "id": "VHN-123911" }, { "db": "JVNDB", "id": "JVNDB-2018-014527" }, { "db": "NVD", "id": "CVE-2018-13814" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-317-03" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105931" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944083.pdf" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13814" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-13814" }, { "trust": 0.3, "url": "http://subscriber.communications.siemens.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-25432" }, { "db": "VULHUB", "id": "VHN-123911" }, { "db": "BID", "id": "105931" }, { "db": "JVNDB", "id": "JVNDB-2018-014527" }, { "db": "CNNVD", "id": "CNNVD-201811-488" }, { "db": "NVD", "id": "CVE-2018-13814" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "7d80ae62-463f-11e9-b905-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-25432" }, { "db": "VULHUB", "id": "VHN-123911" }, { "db": "BID", "id": "105931" }, { "db": "JVNDB", "id": "JVNDB-2018-014527" }, { "db": "CNNVD", "id": "CNNVD-201811-488" }, { "db": "NVD", "id": "CVE-2018-13814" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-12-14T00:00:00", "db": "IVD", "id": "7d80ae62-463f-11e9-b905-000c29342cb1" }, { "date": "2018-12-14T00:00:00", "db": "CNVD", "id": "CNVD-2018-25432" }, { "date": "2018-12-13T00:00:00", "db": "VULHUB", "id": "VHN-123911" }, { "date": "2018-11-13T00:00:00", "db": "BID", "id": "105931" }, { "date": "2019-03-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-014527" }, { "date": "2018-11-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201811-488" }, { "date": "2018-12-13T16:29:00.350000", "db": "NVD", "id": "CVE-2018-13814" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-12-14T00:00:00", "db": "CNVD", "id": "CNVD-2018-25432" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-123911" }, { "date": "2018-11-13T00:00:00", "db": "BID", "id": "105931" }, { "date": "2019-03-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-014527" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201811-488" }, { "date": "2024-11-21T03:48:07.560000", "db": "NVD", "id": "CVE-2018-13814" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201811-488" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC Panels and SIMATIC WinCC code injection vulnerability", "sources": [ { "db": "CNVD", "id": "CNVD-2018-25432" }, { "db": "CNNVD", "id": "CNNVD-201811-488" } ], "trust": 1.2 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation error", "sources": [ { "db": "IVD", "id": "7d80ae62-463f-11e9-b905-000c29342cb1" }, { "db": "BID", "id": "105931" }, { "db": "CNNVD", "id": "CNNVD-201811-488" } ], "trust": 1.1 } }
var-202402-1389
Vulnerability from variot
A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain malformed RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server. openpcs 7 , SIMATIC BATCH , SIMATIC PCS 7 For multiple Siemens products, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components. SIMATIC WinCC is a supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operator control and monitoring of machines and plants
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202402-1389", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc runtime professional", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "18" }, { "model": "openpcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic route control", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.5" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "19" }, { "model": "simatic batch", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic batch", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic route control", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "openpcs 7", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.1" }, { "model": "openpcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "79.1" }, { "model": "simatic batch", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "9.1" }, { "model": "simatic route control", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "9.1" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v18" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v19" }, { "model": "simatic wincc sp2 update", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "7.515" }, { "model": "simatic wincc sp4", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "8.0" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09314" }, { "db": "JVNDB", "id": "JVNDB-2023-027393" }, { "db": "NVD", "id": "CVE-2023-48364" } ] }, "cve": "CVE-2023-48364", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "CNVD-2024-09314", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "id": "CVE-2023-48364", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 6.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2023-48364", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2023-48364", "trust": 1.0, "value": "MEDIUM" }, { "author": "productcert@siemens.com", "id": "CVE-2023-48364", "trust": 1.0, "value": "High" }, { "author": "NVD", "id": "CVE-2023-48364", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2024-09314", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09314" }, { "db": "JVNDB", "id": "JVNDB-2023-027393" }, { "db": "NVD", "id": "CVE-2023-48364" }, { "db": "NVD", "id": "CVE-2023-48364" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in OpenPCS 7 V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions \u003c V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions \u003c V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions \u003c V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain malformed RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server. openpcs 7 , SIMATIC BATCH , SIMATIC PCS 7 For multiple Siemens products, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components. SIMATIC WinCC is a supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operator control and monitoring of machines and plants", "sources": [ { "db": "NVD", "id": "CVE-2023-48364" }, { "db": "JVNDB", "id": "JVNDB-2023-027393" }, { "db": "CNVD", "id": "CNVD-2024-09314" }, { "db": "VULMON", "id": "CVE-2023-48364" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-48364", "trust": 3.3 }, { "db": "SIEMENS", "id": "SSA-753746", "trust": 2.5 }, { "db": "ICS CERT", "id": "ICSA-24-046-12", "trust": 0.9 }, { "db": "JVN", "id": "JVNVU91198149", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU94620134", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2023-027393", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2024-09314", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2023-48364", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09314" }, { "db": "VULMON", "id": "CVE-2023-48364" }, { "db": "JVNDB", "id": "JVNDB-2023-027393" }, { "db": "NVD", "id": "CVE-2023-48364" } ] }, "id": "VAR-202402-1389", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2024-09314" } ], "trust": 1.295444247142857 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09314" } ] }, "last_update_date": "2024-10-24T20:52:21.130000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Null pointer dereference vulnerability (CNVD-2024-09314) in multiple Siemens products", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/526516" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09314" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-476", "trust": 1.0 }, { "problemtype": "NULL Pointer dereference (CWE-476) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-027393" }, { "db": "NVD", "id": "CVE-2023-48364" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://cert-portal.siemens.com/productcert/html/ssa-753746.html" }, { "trust": 0.9, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-12" }, { "trust": 0.8, "url": "https://jvn.jp/vu/\u3010\u81ea\u52d5\uff1a\u8981jvnvu\u8ffd\u52a0\u3011\u30b7\u30fc\u30e1\u30f3\u30b9/" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu91198149/" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu94620134/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-48364" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-09314" }, { "db": "VULMON", "id": "CVE-2023-48364" }, { "db": "JVNDB", "id": "JVNDB-2023-027393" }, { "db": "NVD", "id": "CVE-2023-48364" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2024-09314" }, { "db": "VULMON", "id": "CVE-2023-48364" }, { "db": "JVNDB", "id": "JVNDB-2023-027393" }, { "db": "NVD", "id": "CVE-2023-48364" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-02-23T00:00:00", "db": "CNVD", "id": "CNVD-2024-09314" }, { "date": "2024-02-13T00:00:00", "db": "VULMON", "id": "CVE-2023-48364" }, { "date": "2024-10-21T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-027393" }, { "date": "2024-02-13T09:15:45.980000", "db": "NVD", "id": "CVE-2023-48364" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-02-21T00:00:00", "db": "CNVD", "id": "CNVD-2024-09314" }, { "date": "2024-02-13T00:00:00", "db": "VULMON", "id": "CVE-2023-48364" }, { "date": "2024-10-21T06:57:00", "db": "JVNDB", "id": "JVNDB-2023-027393" }, { "date": "2024-10-18T17:26:22.937000", "db": "NVD", "id": "CVE-2023-48364" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "in multiple Siemens products \u00a0NULL\u00a0 Pointer dereference vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-027393" } ], "trust": 0.8 } }
var-201905-0112
Vulnerability from variot
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The affected device offered SNMP read and write capacities with a publicly know hardcoded community string. The security vulnerability could be exploited by an attacker with network access to the affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains vulnerabilities related to authorization, permissions, and access control.Information may be obtained and information may be altered. Multiple Siemens Products are prone to following security vulnerabilities: 1. An information-disclosure vulnerability 2. A cross-site-scripting vulnerability 3. A security vulnerability An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC, etc. are all products of Siemens (Siemens) in Germany. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Siemens SIMATIC HMI Comfort Panels is a touch panel device. Siemens SIMATIC HMI Comfort Outdoor Panels is a touch panel device specially designed for outdoor use. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201905-0112", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic hmi comfort outdoor panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc runtime", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc \\", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi mp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi comfort panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi op", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi tp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi comfort outdoor panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi comfort panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime advanced", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v15.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v15" }, { "model": "simatic hmi ktp mobile panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic hmi comfort outdoor panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi comfort outdoor panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic hmi classic devices", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc runtime professional update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "v15.11" }, { "model": "simatic wincc runtime advanced update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "15.11" }, { "model": "simatic wincc update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "v15.11" }, { "model": "simatic hmi ktp mobile update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "15.11" }, { "model": "simatic hmi comfort panels update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "15.11" }, { "model": "simatic hmi comfort outdoor panels update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "15.11" } ], "sources": [ { "db": "BID", "id": "108412" }, { "db": "JVNDB", "id": "JVNDB-2019-004632" }, { "db": "NVD", "id": "CVE-2019-6572" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_outdoor_panels_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004632" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens ProductCERT reported these vulnerabilities to NCCIC.,Siemens ProductCERT", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-590" } ], "trust": 0.6 }, "cve": "CVE-2019-6572", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2019-6572", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-158007", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "id": "CVE-2019-6572", "impactScore": 5.2, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 9.1, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2019-6572", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-6572", "trust": 1.0, "value": "CRITICAL" }, { "author": "NVD", "id": "CVE-2019-6572", "trust": 0.8, "value": "Critical" }, { "author": "CNNVD", "id": "CNNVD-201905-590", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-158007", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-158007" }, { "db": "JVNDB", "id": "JVNDB-2019-004632" }, { "db": "CNNVD", "id": "CNNVD-201905-590" }, { "db": "NVD", "id": "CVE-2019-6572" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The affected device offered SNMP read and write capacities with a publicly know hardcoded community string. The security vulnerability could be exploited by an attacker with network access to the affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains vulnerabilities related to authorization, permissions, and access control.Information may be obtained and information may be altered. Multiple Siemens Products are prone to following security vulnerabilities:\n1. An information-disclosure vulnerability\n2. A cross-site-scripting vulnerability\n3. A security vulnerability\nAn attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC, etc. are all products of Siemens (Siemens) in Germany. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Siemens SIMATIC HMI Comfort Panels is a touch panel device. Siemens SIMATIC HMI Comfort Outdoor Panels is a touch panel device specially designed for outdoor use. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products", "sources": [ { "db": "NVD", "id": "CVE-2019-6572" }, { "db": "JVNDB", "id": "JVNDB-2019-004632" }, { "db": "BID", "id": "108412" }, { "db": "VULHUB", "id": "VHN-158007" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "ICS CERT", "id": "ICSA-19-134-09", "trust": 2.8 }, { "db": "NVD", "id": "CVE-2019-6572", "trust": 2.8 }, { "db": "BID", "id": "108412", "trust": 2.0 }, { "db": "SIEMENS", "id": "SSA-804486", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2019-004632", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201905-590", "trust": 0.7 }, { "db": "ICS CERT", "id": "ICSA-19-134-02", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.1716.2", "trust": 0.6 }, { "db": "CNVD", "id": "CNVD-2021-54367", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-158007", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-158007" }, { "db": "BID", "id": "108412" }, { "db": "JVNDB", "id": "JVNDB-2019-004632" }, { "db": "CNNVD", "id": "CNNVD-201905-590" }, { "db": "NVD", "id": "CVE-2019-6572" } ] }, "id": "VAR-201905-0112", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-158007" } ], "trust": 0.7545892989999999 }, "last_update_date": "2024-11-23T21:37:16.658000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-804486", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf" }, { "title": "Siemens SIMATIC Panels and WinCC Repair measures for trust management problem vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92740" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004632" }, { "db": "CNNVD", "id": "CNNVD-201905-590" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-798", "trust": 1.1 }, { "problemtype": "CWE-200", "trust": 1.0 }, { "problemtype": "CWE-264", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-158007" }, { "db": "JVNDB", "id": "JVNDB-2019-004632" }, { "db": "NVD", "id": "CVE-2019-6572" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.9, "url": "http://www.securityfocus.com/bid/108412" }, { "trust": 2.5, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-09" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6572" }, { "trust": 0.9, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.9, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-09" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6572" }, { "trust": 0.6, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29288" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/80946" } ], "sources": [ { "db": "VULHUB", "id": "VHN-158007" }, { "db": "BID", "id": "108412" }, { "db": "JVNDB", "id": "JVNDB-2019-004632" }, { "db": "CNNVD", "id": "CNNVD-201905-590" }, { "db": "NVD", "id": "CVE-2019-6572" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-158007" }, { "db": "BID", "id": "108412" }, { "db": "JVNDB", "id": "JVNDB-2019-004632" }, { "db": "CNNVD", "id": "CNNVD-201905-590" }, { "db": "NVD", "id": "CVE-2019-6572" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-14T00:00:00", "db": "VULHUB", "id": "VHN-158007" }, { "date": "2019-05-14T00:00:00", "db": "BID", "id": "108412" }, { "date": "2019-06-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004632" }, { "date": "2019-05-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-590" }, { "date": "2019-05-14T20:29:04.200000", "db": "NVD", "id": "CVE-2019-6572" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-10-06T00:00:00", "db": "VULHUB", "id": "VHN-158007" }, { "date": "2019-05-14T00:00:00", "db": "BID", "id": "108412" }, { "date": "2019-07-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004632" }, { "date": "2020-10-28T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-590" }, { "date": "2024-11-21T04:46:43.653000", "db": "NVD", "id": "CVE-2019-6572" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-590" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural SIMATIC Vulnerabilities related to authorization, authority, and access control in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004632" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "trust management problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-590" } ], "trust": 0.6 } }
var-201907-1455
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (All versions), SIMATIC WinCC Professional (TIA Portal V14) (All versions < V14 SP1 Upd 9), SIMATIC WinCC Professional (TIA Portal V15) (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). The SIMATIC WinCC DataMonitor web application of the affected products allows to upload arbitrary ASPX code. The security vulnerability could be exploited by an authenticated attacker with network access to the WinCC DataMonitor application. No user interaction is required to exploit this vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the affected device. At the stage of publishing this security advisory no public exploitation is known. plural SIMATIC The product contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The SIMATIC WinCC DataMonitor web is one of the data analysis and display components.
A security vulnerability exists in the SIMATIC WinCC DataMonitor web in several Siemens products. Siemens SIMATIC WinCC and SIMATIC PCS 7 are prone to an arbitrary file-upload vulnerability
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201907-1455", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.5" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "simatic wincc runtime", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic wincc runtime", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.1" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic wincc runtime", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "13" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7v8.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7v8.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7v9.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "v7.3" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "v14" }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c=v8.0" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v15" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v7.2" }, { "model": "simatic wincc professional (tia portal", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v13)" }, { "model": "simatic wincc professional (tia portal", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v14)" }, { "model": "simatic wincc professional (tia portal", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v15)" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.5" }, { "model": "simatic wincc runtime professional update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v15.11" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc runtime professional update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "154" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc runtime professional sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime professional sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime professional sp1 upd2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime professional sp update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1319" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc professional sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc professional sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.41" }, { "model": "simatic wincc sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.32" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.313" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.311" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.310" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.31" }, { "model": "simatic wincc upd4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.29" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc sp3 upd", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.08" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "6.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "79.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.0" }, { "model": "simatic wincc update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.53" }, { "model": "simatic wincc sp-1 upd-11", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic pcs sp-2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "79.0" }, { "model": "simatic pcs sp-1", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "78.2" }, { "model": "simatic pcs siemens simatic wincc", "scope": "eq", "trust": 0.2, "vendor": "siemens", "version": "7\u003c=v8.0\u003c=v7.2" }, { "model": "simatic wincc siemens simatic wincc professional (tia portal siemens simatic wincc professional (tia portal siemens simatic w", "scope": "eq", "trust": 0.2, "vendor": "siemens", "version": "v7.4v15)v14)" }, { "model": "simatic wincc runtime professional siemens simatic wincc", "scope": "eq", "trust": 0.2, "vendor": "siemens", "version": "v15v7.5" } ], "sources": [ { "db": "IVD", "id": "69364700-0a59-4c18-a969-e06b68873d4f" }, { "db": "CNVD", "id": "CNVD-2019-22244" }, { "db": "BID", "id": "109127" }, { "db": "JVNDB", "id": "JVNDB-2019-006590" }, { "db": "NVD", "id": "CVE-2019-10935" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-006590" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Xuchen Zhu from ZheJiang Guoli Security Technology CNCERT/CC", "sources": [ { "db": "CNNVD", "id": "CNNVD-201907-609" } ], "trust": 0.6 }, "cve": "CVE-2019-10935", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "CVE-2019-10935", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.9, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "CNVD-2019-22244", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "69364700-0a59-4c18-a969-e06b68873d4f", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "VHN-142531", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.2, "id": "CVE-2019-10935", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-10935", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2019-10935", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2019-22244", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201907-609", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "69364700-0a59-4c18-a969-e06b68873d4f", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-142531", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2019-10935", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "69364700-0a59-4c18-a969-e06b68873d4f" }, { "db": "CNVD", "id": "CNVD-2019-22244" }, { "db": "VULHUB", "id": "VHN-142531" }, { "db": "VULMON", "id": "CVE-2019-10935" }, { "db": "JVNDB", "id": "JVNDB-2019-006590" }, { "db": "CNNVD", "id": "CNNVD-201907-609" }, { "db": "NVD", "id": "CVE-2019-10935" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions \u003c V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (All versions), SIMATIC WinCC Professional (TIA Portal V14) (All versions \u003c V14 SP1 Upd 9), SIMATIC WinCC Professional (TIA Portal V15) (All versions \u003c V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd 3). The SIMATIC WinCC DataMonitor web application of the affected products allows to upload arbitrary ASPX code. The security vulnerability could be exploited by an authenticated attacker with network access to the WinCC DataMonitor application. No user interaction is required to exploit this vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the affected device. At the stage of publishing this security advisory no public exploitation is known. plural SIMATIC The product contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The SIMATIC WinCC DataMonitor web is one of the data analysis and display components. \n\nA security vulnerability exists in the SIMATIC WinCC DataMonitor web in several Siemens products. Siemens SIMATIC WinCC and SIMATIC PCS 7 are prone to an arbitrary file-upload vulnerability", "sources": [ { "db": "NVD", "id": "CVE-2019-10935" }, { "db": "JVNDB", "id": "JVNDB-2019-006590" }, { "db": "CNVD", "id": "CNVD-2019-22244" }, { "db": "BID", "id": "109127" }, { "db": "IVD", "id": "69364700-0a59-4c18-a969-e06b68873d4f" }, { "db": "VULHUB", "id": "VHN-142531" }, { "db": "VULMON", "id": "CVE-2019-10935" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-10935", "trust": 2.9 }, { "db": "SIEMENS", "id": "SSA-121293", "trust": 2.4 }, { "db": "ICS CERT", "id": "ICSA-19-192-02", "trust": 1.7 }, { "db": "BID", "id": "109127", "trust": 1.1 }, { "db": "CNVD", "id": "CNVD-2019-22244", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-006590", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201907-609", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2019.2574", "trust": 0.6 }, { "db": "IVD", "id": "69364700-0A59-4C18-A969-E06B68873D4F", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-142531", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2019-10935", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "69364700-0a59-4c18-a969-e06b68873d4f" }, { "db": "CNVD", "id": "CNVD-2019-22244" }, { "db": "VULHUB", "id": "VHN-142531" }, { "db": "VULMON", "id": "CVE-2019-10935" }, { "db": "BID", "id": "109127" }, { "db": "JVNDB", "id": "JVNDB-2019-006590" }, { "db": "CNNVD", "id": "CNNVD-201907-609" }, { "db": "NVD", "id": "CVE-2019-10935" } ] }, "id": "VAR-201907-1455", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "69364700-0a59-4c18-a969-e06b68873d4f" }, { "db": "CNVD", "id": "CNVD-2019-22244" }, { "db": "VULHUB", "id": "VHN-142531" } ], "trust": 1.616291167 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "69364700-0a59-4c18-a969-e06b68873d4f" }, { "db": "CNVD", "id": "CNVD-2019-22244" } ] }, "last_update_date": "2024-11-23T21:59:49.073000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-121293", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf" }, { "title": "Patch for Multiple Siemens product code upload vulnerabilities", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/168509" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=9f83ea9c05726639cd4642c3972ec527" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-22244" }, { "db": "VULMON", "id": "CVE-2019-10935" }, { "db": "JVNDB", "id": "JVNDB-2019-006590" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-434", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-142531" }, { "db": "JVNDB", "id": "JVNDB-2019-006590" }, { "db": "NVD", "id": "CVE-2019-10935" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf" }, { "trust": 1.7, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-192-02" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10935" }, { "trust": 1.3, "url": "https://www.securityfocus.com/bid/109127" }, { "trust": 0.9, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.9, "url": "https://new.siemens.com/global/en/products/services/cert.html#securitypublications" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10935" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.2574/" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-pcs7-wincc-file-upload-via-datamonitor-29733" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/434.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/163660" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-22244" }, { "db": "VULHUB", "id": "VHN-142531" }, { "db": "VULMON", "id": "CVE-2019-10935" }, { "db": "BID", "id": "109127" }, { "db": "JVNDB", "id": "JVNDB-2019-006590" }, { "db": "CNNVD", "id": "CNNVD-201907-609" }, { "db": "NVD", "id": "CVE-2019-10935" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "69364700-0a59-4c18-a969-e06b68873d4f" }, { "db": "CNVD", "id": "CNVD-2019-22244" }, { "db": "VULHUB", "id": "VHN-142531" }, { "db": "VULMON", "id": "CVE-2019-10935" }, { "db": "BID", "id": "109127" }, { "db": "JVNDB", "id": "JVNDB-2019-006590" }, { "db": "CNNVD", "id": "CNNVD-201907-609" }, { "db": "NVD", "id": "CVE-2019-10935" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-07-12T00:00:00", "db": "IVD", "id": "69364700-0a59-4c18-a969-e06b68873d4f" }, { "date": "2019-07-12T00:00:00", "db": "CNVD", "id": "CNVD-2019-22244" }, { "date": "2019-07-11T00:00:00", "db": "VULHUB", "id": "VHN-142531" }, { "date": "2019-07-11T00:00:00", "db": "VULMON", "id": "CVE-2019-10935" }, { "date": "2019-07-09T00:00:00", "db": "BID", "id": "109127" }, { "date": "2019-07-24T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-006590" }, { "date": "2019-07-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201907-609" }, { "date": "2019-07-11T22:15:11.797000", "db": "NVD", "id": "CVE-2019-10935" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-10-15T00:00:00", "db": "CNVD", "id": "CNVD-2019-22244" }, { "date": "2019-10-10T00:00:00", "db": "VULHUB", "id": "VHN-142531" }, { "date": "2019-10-10T00:00:00", "db": "VULMON", "id": "CVE-2019-10935" }, { "date": "2019-07-09T00:00:00", "db": "BID", "id": "109127" }, { "date": "2019-07-24T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-006590" }, { "date": "2019-10-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201907-609" }, { "date": "2024-11-21T04:20:11.120000", "db": "NVD", "id": "CVE-2019-10935" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201907-609" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural SIMATIC Product unrestricted upload vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-006590" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-201907-609" } ], "trust": 0.6 } }
var-202407-0441
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 5), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 23), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5). The affected products do not properly handle certain requests to their web application, which may lead to the leak of privileged information. This could allow an unauthenticated remote attacker to retrieve information such as users and passwords. Siemens SIMATIC PCS 7 is a process control system from Siemens, Germany. SIMATIC WinCC is an automated supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operators to control and monitor machines and equipment
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202407-0441", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.1" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v18" }, { "model": "simatic wincc runtime professional update", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v19\u003cv192" }, { "model": "simatic wincc sp1 update", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.4\u003cv7.423" }, { "model": "simatic wincc sp2 update", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.5\u003cv7.517" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.0\u003cv8.05" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-32687" } ] }, "cve": "CVE-2024-30321", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 5.4, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 4.9, "id": "CNVD-2024-32687", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "HIGH", "attackVector": "NETWORK", "author": "productcert@siemens.com", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.2, "id": "CVE-2024-30321", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } ], "severity": [ { "author": "productcert@siemens.com", "id": "CVE-2024-30321", "trust": 1.0, "value": "High" }, { "author": "CNVD", "id": "CNVD-2024-32687", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-32687" }, { "db": "NVD", "id": "CVE-2024-30321" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions \u003c V18 Update 5), SIMATIC WinCC Runtime Professional V19 (All versions \u003c V19 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 23), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions \u003c V8.0 Update 5). The affected products do not properly handle certain requests to their web application, which may lead to the leak of privileged information. \r\nThis could allow an unauthenticated remote attacker to retrieve information such as users and passwords. Siemens SIMATIC PCS 7 is a process control system from Siemens, Germany. SIMATIC WinCC is an automated supervisory control and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visual runtime platform for operators to control and monitor machines and equipment", "sources": [ { "db": "NVD", "id": "CVE-2024-30321" }, { "db": "CNVD", "id": "CNVD-2024-32687" } ], "trust": 1.44 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "SIEMENS", "id": "SSA-883918", "trust": 1.6 }, { "db": "NVD", "id": "CVE-2024-30321", "trust": 1.6 }, { "db": "CNVD", "id": "CNVD-2024-32687", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-32687" }, { "db": "NVD", "id": "CVE-2024-30321" } ] }, "id": "VAR-202407-0441", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2024-32687" } ], "trust": 1.303919608 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-32687" } ] }, "last_update_date": "2024-11-12T23:32:30.047000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Siemens SIMATIC WinCC Information Disclosure Vulnerability (CNVD-2024-32687)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/569086" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-32687" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-359", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2024-30321" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.6, "url": "https://cert-portal.siemens.com/productcert/html/ssa-883918.html" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-32687" }, { "db": "NVD", "id": "CVE-2024-30321" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2024-32687" }, { "db": "NVD", "id": "CVE-2024-30321" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-07-19T00:00:00", "db": "CNVD", "id": "CNVD-2024-32687" }, { "date": "2024-07-09T12:15:11.707000", "db": "NVD", "id": "CVE-2024-30321" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-07-16T00:00:00", "db": "CNVD", "id": "CNVD-2024-32687" }, { "date": "2024-11-12T13:15:07.503000", "db": "NVD", "id": "CVE-2024-30321" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC WinCC Information Disclosure Vulnerability (CNVD-2024-32687)", "sources": [ { "db": "CNVD", "id": "CNVD-2024-32687" } ], "trust": 0.6 } }
var-201804-1651
Vulnerability from variot
A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions < V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions < V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions < V8.2 Upd10), SIMATIC BATCH V9.0 (All versions < V9.0 SP1), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions < 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions < WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions < WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. plural Siemens SIMATIC The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. SIMATIC WinCC, SIMATIC PCS 7, SIMATIC BATCH, etc. are all industrial automation products from Siemens AG. Siemens OpenPCS, etc. Siemens OpenPCS is a process control system. SIMATIC BATCH is a set of software packages for batch automation. Input validation vulnerabilities exist in several Siemens products
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201804-1651", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic batch", "scope": "eq", "trust": 2.4, "vendor": "siemens", "version": "8.0" }, { "model": "simatic batch", "scope": "eq", "trust": 2.4, "vendor": "siemens", "version": "8.1" }, { "model": "simatic batch", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "8.2" }, { "model": "simatic batch", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "9.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "8.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "8.1" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "8.2" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "9.0" }, { "model": "simatic route control", "scope": "lte", "trust": 1.8, "vendor": "siemens", "version": "7.1" }, { "model": "simatic route control", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "8.0" }, { "model": "simatic route control", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "8.1" }, { "model": "simatic route control", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "9.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.8, "vendor": "siemens", "version": "7.4" }, { "model": "openpcs 7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "8.1" }, { "model": "openpcs 7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "9.0" }, { "model": "openpcs 7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "8.2" }, { "model": "simatic batch", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "7.1" }, { "model": "openpcs 7", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "8.0" }, { "model": "simatic wincc runtime professional", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "13" }, { "model": "openpcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": "simatic net pc software", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14" }, { "model": "sppa-t3000 application server", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "r8.2" }, { "model": "simatic net pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": "sppa-t3000 application server", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "r8.2" }, { "model": "simatic wincc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic net pc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic batch", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "7.1" }, { "model": "simatic net pc software", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic openpcs 7", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "7.1" }, { "model": "simatic openpcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.0" }, { "model": "simatic openpcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.1" }, { "model": "simatic openpcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.2" }, { "model": "simatic openpcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "9.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.1" }, { "model": "simatic route control", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.2" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic batch", "version": "8.1" }, { "model": "simatic net pc-software", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.2" }, { "model": "openpcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c=v7.1" }, { "model": "openpcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.0" }, { "model": "openpcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.1" }, { "model": "openpcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.2" }, { "model": "openpcs upd1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003cv9.0" }, { "model": "simatic batch", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v7.1" }, { "model": "simatic batch", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.0" }, { "model": "simatic batch", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.1" }, { "model": "simatic batch", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.2" }, { "model": "simatic batch upd1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v9.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c=v7.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.1" }, { "model": "simatic pcs upd1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003cv9.0" }, { "model": "simatic route control", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v7.1" }, { "model": "simatic route control", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.0" }, { "model": "simatic route control", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.1" }, { "model": "simatic route control", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.2" }, { "model": "simatic route control upd1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v9.0" }, { "model": "simatic wincc runtime professional sp1 upd5", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v14" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=7.2" }, { "model": "simatic wincc upd16", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc sp1 upd4", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "openpcs 7", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic batch", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic wincc", "version": "7.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "openpcs 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "openpcs 7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "openpcs 7", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "openpcs 7", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "openpcs 7", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic batch", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic batch", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic batch", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic net pc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic route control", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic route control", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic route control", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic route control", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime professional", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime professional", "version": "14" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.3" } ], "sources": [ { "db": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-07037" }, { "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "db": "CNNVD", "id": "CNNVD-201804-407" }, { "db": "NVD", "id": "CVE-2018-4832" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_batch", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_openpcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_route_control", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-004994" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Gleb Gritsai", "sources": [ { "db": "CNNVD", "id": "CNNVD-201804-407" } ], "trust": 0.6 }, "cve": "CVE-2018-4832", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CVE-2018-4832", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.0, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.0, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2018-4832", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2018-07037", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "VHN-134863", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2018-4832", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2018-4832", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2018-4832", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2018-4832", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2018-07037", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201804-407", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-134863", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-07037" }, { "db": "VULHUB", "id": "VHN-134863" }, { "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "db": "CNNVD", "id": "CNNVD-201804-407" }, { "db": "NVD", "id": "CVE-2018-4832" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions \u003c V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions \u003c V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions \u003c V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions \u003c V8.2 Upd10), SIMATIC BATCH V9.0 (All versions \u003c V9.0 SP1), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions \u003c 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions \u003c V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions \u003c WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions \u003c WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions \u003c Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. plural Siemens SIMATIC The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. SIMATIC WinCC, SIMATIC PCS 7, SIMATIC BATCH, etc. are all industrial automation products from Siemens AG. Siemens OpenPCS, etc. Siemens OpenPCS is a process control system. SIMATIC BATCH is a set of software packages for batch automation. Input validation vulnerabilities exist in several Siemens products", "sources": [ { "db": "NVD", "id": "CVE-2018-4832" }, { "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "db": "CNVD", "id": "CNVD-2018-07037" }, { "db": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1" }, { "db": "VULHUB", "id": "VHN-134863" } ], "trust": 2.43 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-4832", "trust": 3.4 }, { "db": "SIEMENS", "id": "SSA-348629", "trust": 2.3 }, { "db": "PACKETSTORM", "id": "155665", "trust": 1.8 }, { "db": "SIEMENS", "id": "SSA-451445", "trust": 1.7 }, { "db": "ICS CERT", "id": "ICSA-18-088-03", "trust": 1.4 }, { "db": "ICS CERT", "id": "ICSA-19-351-02", "trust": 1.4 }, { "db": "CNVD", "id": "CNVD-2018-07037", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201804-407", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2018-004994", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2019.4705", "trust": 0.6 }, { "db": "IVD", "id": "E2EA2F61-39AB-11E9-9643-000C29342CB1", "trust": 0.2 }, { "db": "SEEBUG", "id": "SSVID-98989", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-134863", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-07037" }, { "db": "VULHUB", "id": "VHN-134863" }, { "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "db": "PACKETSTORM", "id": "155665" }, { "db": "CNNVD", "id": "CNNVD-201804-407" }, { "db": "NVD", "id": "CVE-2018-4832" } ] }, "id": "VAR-201804-1651", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-07037" }, { "db": "VULHUB", "id": "VHN-134863" } ], "trust": 1.6839108491666668 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-07037" } ] }, "last_update_date": "2024-11-23T21:36:20.736000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-348629", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf" }, { "title": "Patch for Siemens SIMATIC Multiple Product Denial of Service Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/176379" }, { "title": "Multiple Siemens Fixes for product input validation vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=83209" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-07037" }, { "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "db": "CNNVD", "id": "CNNVD-201804-407" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-134863" }, { "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "db": "NVD", "id": "CVE-2018-4832" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf" }, { "trust": 2.3, "url": "http://packetstormsecurity.com/files/155665/siemens-security-advisory-sppa-t3000-code-execution.html" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf" }, { "trust": 1.4, "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-088-03" }, { "trust": 1.4, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-351-02" }, { "trust": 0.9, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4832" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4832" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.4705/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18303" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18292" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18306" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18297" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18283" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18301" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18287" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18294" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18288" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18307" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18296" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18299" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18291" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18295" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18300" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18284" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18290" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18305" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18302" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18286" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18293" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18285" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18289" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18298" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18304" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-07037" }, { "db": "VULHUB", "id": "VHN-134863" }, { "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "db": "PACKETSTORM", "id": "155665" }, { "db": "CNNVD", "id": "CNNVD-201804-407" }, { "db": "NVD", "id": "CVE-2018-4832" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-07037" }, { "db": "VULHUB", "id": "VHN-134863" }, { "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "db": "PACKETSTORM", "id": "155665" }, { "db": "CNNVD", "id": "CNNVD-201804-407" }, { "db": "NVD", "id": "CVE-2018-4832" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-04-04T00:00:00", "db": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1" }, { "date": "2018-04-04T00:00:00", "db": "CNVD", "id": "CNVD-2018-07037" }, { "date": "2018-04-24T00:00:00", "db": "VULHUB", "id": "VHN-134863" }, { "date": "2018-07-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "date": "2019-12-13T15:10:44", "db": "PACKETSTORM", "id": "155665" }, { "date": "2018-04-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201804-407" }, { "date": "2018-04-24T17:29:00.227000", "db": "NVD", "id": "CVE-2018-4832" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-22T00:00:00", "db": "CNVD", "id": "CNVD-2018-07037" }, { "date": "2020-03-10T00:00:00", "db": "VULHUB", "id": "VHN-134863" }, { "date": "2019-12-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-004994" }, { "date": "2022-10-08T00:00:00", "db": "CNNVD", "id": "CNNVD-201804-407" }, { "date": "2024-11-21T04:07:32.557000", "db": "NVD", "id": "CVE-2018-4832" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201804-407" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Siemens SIMATIC Vulnerability related to input validation in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-004994" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation error", "sources": [ { "db": "IVD", "id": "e2ea2f61-39ab-11e9-9643-000c29342cb1" }, { "db": "CNNVD", "id": "CNNVD-201804-407" } ], "trust": 0.8 } }
var-202409-0257
Vulnerability from variot
A vulnerability has been identified in SIMATIC BATCH V9.1 (All versions), SIMATIC Information Server 2020 (All versions), SIMATIC Information Server 2022 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC06), SIMATIC Process Historian 2020 (All versions), SIMATIC Process Historian 2022 (All versions), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 5), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 3), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 18), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5). The affected products run their DB server with elevated privileges which could allow an authenticated attacker to execute arbitrary OS commands with administrative privileges. SIMATIC Information Server is used for reporting and visualization of process data stored in SIMATIC process Historian. SIMATIC Process Historian is a long-term archiving system for SIMATIC PCS 7, SIMATIC WinCC and SIMATIC PCS-neo. It stores process values, alarms and batch data of production plants in its database and provides historical process data for reporting and visualization applications. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Routing Control, OpenPCS 7 and other components. SIMATIC WinCC is a Supervisory Control and Data Acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visualization runtime platform for operator control and monitoring of machines and plants.
Siemens SIMATIC SCADA and PCS 7 systems have a remote code execution vulnerability
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202409-0257", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic process historian", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "2020" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.1" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v18" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v19" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "simatic batch", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v9.1" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.0\u003cv8.05" }, { "model": "simatic information server", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic process historian", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "2022" }, { "model": "simatic wincc sp2 update", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.5\u003cv7.518" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-38013" } ] }, "cve": "CVE-2024-35783", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "CNVD-2024-38013", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "productcert@siemens.com", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.3, "id": "CVE-2024-35783", "impactScore": 6.0, "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" } ], "severity": [ { "author": "productcert@siemens.com", "id": "CVE-2024-35783", "trust": 1.0, "value": "Critical" }, { "author": "CNVD", "id": "CNVD-2024-38013", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-38013" }, { "db": "NVD", "id": "CVE-2024-35783" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC BATCH V9.1 (All versions), SIMATIC Information Server 2020 (All versions), SIMATIC Information Server 2022 (All versions), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP2 UC06), SIMATIC Process Historian 2020 (All versions), SIMATIC Process Historian 2022 (All versions), SIMATIC WinCC Runtime Professional V18 (All versions \u003c V18 Update 5), SIMATIC WinCC Runtime Professional V19 (All versions \u003c V19 Update 3), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 18), SIMATIC WinCC V8.0 (All versions \u003c V8.0 Update 5). The affected products run their DB server with elevated privileges which could allow an authenticated attacker to execute arbitrary OS commands with administrative privileges. SIMATIC Information Server is used for reporting and visualization of process data stored in SIMATIC process Historian. SIMATIC Process Historian is a long-term archiving system for SIMATIC PCS 7, SIMATIC WinCC and SIMATIC PCS-neo. It stores process values, alarms and batch data of production plants in its database and provides historical process data for reporting and visualization applications. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Routing Control, OpenPCS 7 and other components. SIMATIC WinCC is a Supervisory Control and Data Acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is a visualization runtime platform for operator control and monitoring of machines and plants. \n\nSiemens SIMATIC SCADA and PCS 7 systems have a remote code execution vulnerability", "sources": [ { "db": "NVD", "id": "CVE-2024-35783" }, { "db": "CNVD", "id": "CNVD-2024-38013" } ], "trust": 1.44 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "SIEMENS", "id": "SSA-629254", "trust": 1.6 }, { "db": "NVD", "id": "CVE-2024-35783", "trust": 1.6 }, { "db": "CNVD", "id": "CNVD-2024-38013", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-38013" }, { "db": "NVD", "id": "CVE-2024-35783" } ] }, "id": "VAR-202409-0257", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2024-38013" } ], "trust": 1.3129292049999999 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-38013" } ] }, "last_update_date": "2024-11-12T23:27:49.241000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Siemens SIMATIC SCADA and PCS 7 systems remote code execution vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/590336" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-38013" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-250", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2024-35783" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.6, "url": "https://cert-portal.siemens.com/productcert/html/ssa-629254.html" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-38013" }, { "db": "NVD", "id": "CVE-2024-35783" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2024-38013" }, { "db": "NVD", "id": "CVE-2024-35783" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-09-13T00:00:00", "db": "CNVD", "id": "CNVD-2024-38013" }, { "date": "2024-09-10T10:15:09.937000", "db": "NVD", "id": "CVE-2024-35783" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-09-12T00:00:00", "db": "CNVD", "id": "CNVD-2024-38013" }, { "date": "2024-11-12T13:15:07.830000", "db": "NVD", "id": "CVE-2024-35783" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC SCADA and PCS 7 systems remote code execution vulnerability", "sources": [ { "db": "CNVD", "id": "CNVD-2024-38013" } ], "trust": 0.6 } }
var-201812-0343
Vulnerability from variot
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V15 Update 4), SIMATIC WinCC Runtime Professional (All versions < V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions < V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). A directory traversal vulnerability could allow to download arbitrary files from the device. The security vulnerability could be exploited by an attacker with network access to the integrated web server. No user interaction and no authentication is required to exploit the vulnerability. The vulnerability impacts the confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains a path traversal vulnerability.Information may be obtained. Siemens SIMATIC Panels is prone to following security vulnerabilities: 1. An open-redirection vulnerability 2. A directory-traversal vulnerability Remote attackers may use a specially crafted request with directory-traversal sequences ('../') to retrieve arbitrary files from the affected system in the context of the application or by constructing a crafted URI and enticing a user to follow it and when an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site. are all HMI software used by Siemens in Germany to control and monitor machines and equipment
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201812-0343", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc runtime", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic hmi mp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi op", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi comfort panels", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic hmi comfort outdoor panels", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic wincc \\", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic hmi tp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic hmi comfort outdoor panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi comfort panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime advanced", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc runtime professional sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime professional sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime professional sp1 upd2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime professional sp update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1319" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc runtime advanced sp1 upd2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime advanced sp1 upd5", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v135" }, { "model": "simatic wincc sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v12" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v120" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v110" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v15" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v136" }, { "model": "simatic wincc sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v10" }, { "model": "simatic hmi ktp mobile panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "22" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic hmi comfort panels sp1 upd2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic hmi comfort panels sp1 upd5", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi comfort outdoor panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi classic devices", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc runtime professional update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "154" }, { "model": "simatic wincc runtime advanced update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "154" }, { "model": "simatic wincc update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "154" }, { "model": "simatic hmi ktp mobile panels update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "154" }, { "model": "simatic hmi comfort panels update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "154" }, { "model": "simatic hmi comfort outdoor panels update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "154" } ], "sources": [ { "db": "BID", "id": "105922" }, { "db": "JVNDB", "id": "JVNDB-2018-014525" }, { "db": "NVD", "id": "CVE-2018-13812" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_outdoor_panels_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-014525" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Hosni Tounsi from Carthage Red Team", "sources": [ { "db": "BID", "id": "105922" } ], "trust": 0.3 }, "cve": "CVE-2018-13812", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2018-13812", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-123909", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "id": "CVE-2018-13812", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2018-13812", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2018-13812", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-201811-482", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-123909", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-123909" }, { "db": "JVNDB", "id": "JVNDB-2018-014525" }, { "db": "CNNVD", "id": "CNNVD-201811-482" }, { "db": "NVD", "id": "CVE-2018-13812" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Professional (All versions \u003c V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions \u003c V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). A directory traversal vulnerability could allow to download arbitrary files from the device. The security vulnerability could be exploited by an attacker with network access to the integrated web server. No user interaction and no authentication is required to exploit the vulnerability. The vulnerability impacts the confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains a path traversal vulnerability.Information may be obtained. Siemens SIMATIC Panels is prone to following security vulnerabilities:\n1. An open-redirection vulnerability\n2. A directory-traversal vulnerability\nRemote attackers may use a specially crafted request with directory-traversal sequences (\u0027../\u0027) to retrieve arbitrary files from the affected system in the context of the application or by constructing a crafted URI and enticing a user to follow it and when an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site. are all HMI software used by Siemens in Germany to control and monitor machines and equipment", "sources": [ { "db": "NVD", "id": "CVE-2018-13812" }, { "db": "JVNDB", "id": "JVNDB-2018-014525" }, { "db": "BID", "id": "105922" }, { "db": "VULHUB", "id": "VHN-123909" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-13812", "trust": 2.8 }, { "db": "BID", "id": "105922", "trust": 2.0 }, { "db": "SIEMENS", "id": "SSA-233109", "trust": 1.7 }, { "db": "ICS CERT", "id": "ICSA-18-317-08", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-014525", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201811-482", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-123909", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-123909" }, { "db": "BID", "id": "105922" }, { "db": "JVNDB", "id": "JVNDB-2018-014525" }, { "db": "CNNVD", "id": "CNNVD-201811-482" }, { "db": "NVD", "id": "CVE-2018-13812" } ] }, "id": "VAR-201812-0343", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-123909" } ], "trust": 0.7828699085714284 }, "last_update_date": "2024-11-23T22:17:14.886000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-233109", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf" }, { "title": "Multiple Siemens Product path traversal vulnerability fixes", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86883" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-014525" }, { "db": "CNNVD", "id": "CNNVD-201811-482" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-22", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-123909" }, { "db": "JVNDB", "id": "JVNDB-2018-014525" }, { "db": "NVD", "id": "CVE-2018-13812" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105922" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf" }, { "trust": 1.7, "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-317-08" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13812" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-13812" }, { "trust": 0.3, "url": "http://subscriber.communications.siemens.com/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-123909" }, { "db": "BID", "id": "105922" }, { "db": "JVNDB", "id": "JVNDB-2018-014525" }, { "db": "CNNVD", "id": "CNNVD-201811-482" }, { "db": "NVD", "id": "CVE-2018-13812" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-123909" }, { "db": "BID", "id": "105922" }, { "db": "JVNDB", "id": "JVNDB-2018-014525" }, { "db": "CNNVD", "id": "CNNVD-201811-482" }, { "db": "NVD", "id": "CVE-2018-13812" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-12-13T00:00:00", "db": "VULHUB", "id": "VHN-123909" }, { "date": "2018-11-14T00:00:00", "db": "BID", "id": "105922" }, { "date": "2019-03-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-014525" }, { "date": "2018-11-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201811-482" }, { "date": "2018-12-13T16:29:00.290000", "db": "NVD", "id": "CVE-2018-13812" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-123909" }, { "date": "2018-11-14T00:00:00", "db": "BID", "id": "105922" }, { "date": "2019-03-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-014525" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201811-482" }, { "date": "2024-11-21T03:48:07.190000", "db": "NVD", "id": "CVE-2018-13812" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201811-482" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural SIMATIC Path traversal vulnerability in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-014525" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "path traversal", "sources": [ { "db": "CNNVD", "id": "CNNVD-201811-482" } ], "trust": 0.6 } }
var-201708-0476
Vulnerability from variot
An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker. Siemens industrial products are based on the OPC UAP protocol based on OPC to discover and configure LAN device information.
The Siemens OPC UA protocol has an XML external entity vulnerability. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions. Siemens SIMATIC PCS and so on are all products of German Siemens (Siemens). Siemens SIMATIC PCS is a process control system. SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201708-0476", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "local discovery server", "scope": "lte", "trust": 1.0, "vendor": "ocpfoundation", "version": "1.01.333.0" }, { "model": "simatic pcs7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.1" }, { "model": "ua .net", "scope": "lte", "trust": 1.0, "vendor": "ocpfoundation", "version": "2017-03-21" }, { "model": "wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.4" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "78.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "78.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "7.3" }, { "model": "local discovery server", "scope": "lt", "trust": 0.8, "vendor": "opc", "version": "1.03.367" }, { "model": "ua .net", "scope": "eq", "trust": 0.8, "vendor": "opc", "version": "2017-03-21" }, { "model": "simatic it production suite", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic net pc software", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic pcs 7", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic it production suite all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic net pc-software", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c=7.1" }, { "model": "simatic wincc sp1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "simatic wincc runtime professional", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc runtime professional sp1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v14" }, { "model": "local discovery server", "scope": "eq", "trust": 0.6, "vendor": "ocpfoundation", "version": "1.01.333.0" }, { "model": "ua .net", "scope": "eq", "trust": 0.6, "vendor": "ocpfoundation", "version": "2017-03-21" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77.1" }, { "model": "simatic net pc-software", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic net pc-software sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc-software hf1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc-software", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc-software sp2 hf3", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic net pc-software", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic it production suite", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "plant connectivity", "scope": "eq", "trust": 0.3, "vendor": "sap", "version": "15.0" }, { "model": "simatic wincc runtime professional sp1", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc sp1", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "wincc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "local discovery server", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "ua net", "version": "*" } ], "sources": [ { "db": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb" }, { "db": "CNVD", "id": "CNVD-2017-24363" }, { "db": "BID", "id": "100559" }, { "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "db": "CNNVD", "id": "CNNVD-201708-1273" }, { "db": "NVD", "id": "CVE-2017-12069" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:opcfoundation:local_discovery_server", "vulnerable": true }, { "cpe22Uri": "cpe:/a:opcfoundation:ua_.net", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_it_production_suite", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-008019" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Sergey Temnikov of Kaspersky Lab.", "sources": [ { "db": "BID", "id": "100559" } ], "trust": 0.3 }, "cve": "CVE-2017-12069", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2017-12069", "impactScore": 4.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.9, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2017-24363", "impactScore": 7.8, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb", "impactScore": 7.8, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-102554", "impactScore": 4.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "exploitabilityScore": 3.9, "id": "CVE-2017-12069", "impactScore": 4.2, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2017-12069", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2017-12069", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2017-24363", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201708-1273", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-102554", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2017-12069", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb" }, { "db": "CNVD", "id": "CNVD-2017-24363" }, { "db": "VULHUB", "id": "VHN-102554" }, { "db": "VULMON", "id": "CVE-2017-12069" }, { "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "db": "CNNVD", "id": "CNNVD-201708-1273" }, { "db": "NVD", "id": "CVE-2017-12069" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions \u003c V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions \u003c V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker. Siemens industrial products are based on the OPC UAP protocol based on OPC to discover and configure LAN device information. \n\nThe Siemens OPC UA protocol has an XML external entity vulnerability. \nAttackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions. Siemens SIMATIC PCS and so on are all products of German Siemens (Siemens). Siemens SIMATIC PCS is a process control system. SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system", "sources": [ { "db": "NVD", "id": "CVE-2017-12069" }, { "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "db": "CNVD", "id": "CNVD-2017-24363" }, { "db": "BID", "id": "100559" }, { "db": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb" }, { "db": "VULHUB", "id": "VHN-102554" }, { "db": "VULMON", "id": "CVE-2017-12069" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2017-12069", "trust": 3.7 }, { "db": "SIEMENS", "id": "SSA-535640", "trust": 1.8 }, { "db": "ICS CERT", "id": "ICSA-17-243-01", "trust": 1.6 }, { "db": "BID", "id": "100559", "trust": 1.5 }, { "db": "SECTRACK", "id": "1039510", "trust": 1.2 }, { "db": "CNNVD", "id": "CNNVD-201708-1273", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2017-24363", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-17-243-01B", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2017-008019", "trust": 0.8 }, { "db": "IVD", "id": "E3C681F4-90BE-4763-9EA0-9BF8B55433BB", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-102554", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2017-12069", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb" }, { "db": "CNVD", "id": "CNVD-2017-24363" }, { "db": "VULHUB", "id": "VHN-102554" }, { "db": "VULMON", "id": "CVE-2017-12069" }, { "db": "BID", "id": "100559" }, { "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "db": "CNNVD", "id": "CNNVD-201708-1273" }, { "db": "NVD", "id": "CVE-2017-12069" } ] }, "id": "VAR-201708-0476", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb" }, { "db": "CNVD", "id": "CNVD-2017-24363" }, { "db": "VULHUB", "id": "VHN-102554" } ], "trust": 1.5183507387500002 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb" }, { "db": "CNVD", "id": "CNVD-2017-24363" } ] }, "last_update_date": "2024-11-23T21:40:46.820000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Security Update for the OPC UA .NET Sample Code", "trust": 0.8, "url": "https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf" }, { "title": "SSA-535640", "trust": 0.8, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf" }, { "title": "Patch for Siemens OPC UA Protocol XML External Entity Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/176381" }, { "title": "Multiple Siemens product OPC Foundation UA .NET Sample Code and Local Discovery Server Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74833" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=0561e5e7e515f186e8a5589cf02f38a8" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-24363" }, { "db": "VULMON", "id": "CVE-2017-12069" }, { "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "db": "CNNVD", "id": "CNNVD-201708-1273" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-611", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-102554" }, { "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "db": "NVD", "id": "CVE-2017-12069" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.8, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf" }, { "trust": 1.5, "url": "https://opcfoundation-onlineapplications.org/faq/securitybulletins/opc_foundation_security_bulletin_cve-2017-12069.pdf" }, { "trust": 1.2, "url": "http://www.securityfocus.com/bid/100559" }, { "trust": 1.2, "url": "http://www.securitytracker.com/id/1039510" }, { "trust": 0.9, "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-243-01" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12069" }, { "trust": 0.8, "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-243-01b" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12069" }, { "trust": 0.6, "url": "https://support.industry.siemens.com/cs/ww/en/view/109746038" }, { "trust": 0.6, "url": "https://support.industry.siemens.com/cs/ww/en/view/109746276" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-243-01-0" }, { "trust": 0.3, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.3, "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=500633095" }, { "trust": 0.3, "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=499356993" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/611.html" }, { "trust": 0.1, "url": "https://tools.cisco.com/security/center/viewalert.x?alertid=55504" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-17-243-01-0" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-24363" }, { "db": "VULHUB", "id": "VHN-102554" }, { "db": "VULMON", "id": "CVE-2017-12069" }, { "db": "BID", "id": "100559" }, { "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "db": "CNNVD", "id": "CNNVD-201708-1273" }, { "db": "NVD", "id": "CVE-2017-12069" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb" }, { "db": "CNVD", "id": "CNVD-2017-24363" }, { "db": "VULHUB", "id": "VHN-102554" }, { "db": "VULMON", "id": "CVE-2017-12069" }, { "db": "BID", "id": "100559" }, { "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "db": "CNNVD", "id": "CNNVD-201708-1273" }, { "db": "NVD", "id": "CVE-2017-12069" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-09-02T00:00:00", "db": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb" }, { "date": "2017-09-01T00:00:00", "db": "CNVD", "id": "CNVD-2017-24363" }, { "date": "2017-08-30T00:00:00", "db": "VULHUB", "id": "VHN-102554" }, { "date": "2017-08-30T00:00:00", "db": "VULMON", "id": "CVE-2017-12069" }, { "date": "2017-08-31T00:00:00", "db": "BID", "id": "100559" }, { "date": "2017-10-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "date": "2017-08-30T00:00:00", "db": "CNNVD", "id": "CNNVD-201708-1273" }, { "date": "2017-08-30T19:29:00.210000", "db": "NVD", "id": "CVE-2017-12069" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-28T00:00:00", "db": "CNVD", "id": "CNVD-2017-24363" }, { "date": "2017-10-06T00:00:00", "db": "VULHUB", "id": "VHN-102554" }, { "date": "2017-10-06T00:00:00", "db": "VULMON", "id": "CVE-2017-12069" }, { "date": "2018-10-12T04:00:00", "db": "BID", "id": "100559" }, { "date": "2017-10-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-008019" }, { "date": "2020-08-12T00:00:00", "db": "CNNVD", "id": "CNNVD-201708-1273" }, { "date": "2024-11-21T03:08:46.230000", "db": "NVD", "id": "CVE-2017-12069" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201708-1273" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens OPC UA protocol XML External entity vulnerability", "sources": [ { "db": "IVD", "id": "e3c681f4-90be-4763-9ea0-9bf8b55433bb" }, { "db": "CNVD", "id": "CNVD-2017-24363" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-201708-1273" } ], "trust": 0.6 } }
var-201905-1322
Vulnerability from variot
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with access to the project file could run arbitrary system commands with the privileges of the local database server. The vulnerability could be exploited by an attacker with access to the project file. The vulnerability does impact the confidentiality, integrity, and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An input validation error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC that was caused by a network system or product that did not properly validate the input data and could be exploited by an attacker to access project files. Siemens SIMATIC products are prone to following security vulnerabilities: 1. A denial-of-service vulnerability 2. An SQL injection vulnerability3. 3. An arbitrary command execution Exploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. The following Siemens SIMATIC products are affected: SIMATIC PCS 7 version 8.0 and prior SIMATIC PCS 7 version 8.1 SIMATIC PCS 7 version 8.2 SIMATIC PCS 7 version 9.0 SIMATIC WinCC (TIA Portal) version 13 SIMATIC WinCC (TIA Portal) version 14 SIMATIC WinCC (TIA Portal) version 15 SIMATIC WinCC Runtime Professional, all version SIMATIC WinCC version 7.2 and prior SIMATIC WinCC version 7.3 SIMATIC WinCC version 7.4 SIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201905-1322", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc runtime professional", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.5" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "13.0" }, { "model": "simatic wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.1" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "v14" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "v15" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.1.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.3.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.5 upd3" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "13.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "14.x" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.5" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "8.0 and earlier" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "8.2.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.4.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "15.x" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "7.2 and earlier" }, { "model": "simatic pcs 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "9.0.x" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v8.1" }, { "model": "simatic wincc", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=7.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.3" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "simatic wincc upd3", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.5.*\u003cv7.5" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "6.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "79.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.2" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77" }, { "model": "simatic wincc update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.53" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.3" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.5" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "13.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "14.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "15.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime professional", "version": "*" } ], "sources": [ { "db": "IVD", "id": "5e23f13f-8869-4704-a7f2-72babe1680f8" }, { "db": "CNVD", "id": "CNVD-2019-14938" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004566" }, { "db": "NVD", "id": "CVE-2019-10916" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004566" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vladimir Dashchenko and Sergey Temnikov from Kaspersky Lab, and ChengBin Wang from Guoli Security Technology, and ChengBin Wang from Guoli Security Technology reported these vulnerabilities to Siemens., CNCERT/CC", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-597" } ], "trust": 0.6 }, "cve": "CVE-2019-10916", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.0, "id": "CVE-2019-10916", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.0, "id": "CNVD-2019-14938", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.0, "id": "5e23f13f-8869-4704-a7f2-72babe1680f8", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.0, "id": "VHN-142510", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2019-10916", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2019-10916", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-10916", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2019-10916", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2019-14938", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201905-597", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "5e23f13f-8869-4704-a7f2-72babe1680f8", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-142510", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "5e23f13f-8869-4704-a7f2-72babe1680f8" }, { "db": "CNVD", "id": "CNVD-2019-14938" }, { "db": "VULHUB", "id": "VHN-142510" }, { "db": "JVNDB", "id": "JVNDB-2019-004566" }, { "db": "CNNVD", "id": "CNNVD-201905-597" }, { "db": "NVD", "id": "CVE-2019-10916" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions \u003c V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd 3). An attacker with access to the project file could run arbitrary system commands with the privileges of the local database server. The vulnerability could be exploited by an attacker with access to the project file. The vulnerability does impact the confidentiality, integrity, and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An input validation error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC that was caused by a network system or product that did not properly validate the input data and could be exploited by an attacker to access project files. Siemens SIMATIC products are prone to following security vulnerabilities:\n1. A denial-of-service vulnerability\n2. An SQL injection vulnerability3. \n3. An arbitrary command execution\nExploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. \nThe following Siemens SIMATIC products are affected:\nSIMATIC PCS 7 version 8.0 and prior\nSIMATIC PCS 7 version 8.1\nSIMATIC PCS 7 version 8.2\nSIMATIC PCS 7 version 9.0\nSIMATIC WinCC (TIA Portal) version 13\nSIMATIC WinCC (TIA Portal) version 14\nSIMATIC WinCC (TIA Portal) version 15\nSIMATIC WinCC Runtime Professional, all version\nSIMATIC WinCC version 7.2 and prior\nSIMATIC WinCC version 7.3\nSIMATIC WinCC version 7.4\nSIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3", "sources": [ { "db": "NVD", "id": "CVE-2019-10916" }, { "db": "JVNDB", "id": "JVNDB-2019-004566" }, { "db": "CNVD", "id": "CNVD-2019-14938" }, { "db": "BID", "id": "108404" }, { "db": "IVD", "id": "5e23f13f-8869-4704-a7f2-72babe1680f8" }, { "db": "VULHUB", "id": "VHN-142510" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-10916", "trust": 3.6 }, { "db": "ICS CERT", "id": "ICSA-19-134-08", "trust": 3.4 }, { "db": "SIEMENS", "id": "SSA-697412", "trust": 1.7 }, { "db": "CNNVD", "id": "CNNVD-201905-597", "trust": 0.9 }, { "db": "BID", "id": "108404", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2019-14938", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-004566", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-19-134-02", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.1716.2", "trust": 0.6 }, { "db": "IVD", "id": "5E23F13F-8869-4704-A7F2-72BABE1680F8", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-142510", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "5e23f13f-8869-4704-a7f2-72babe1680f8" }, { "db": "CNVD", "id": "CNVD-2019-14938" }, { "db": "VULHUB", "id": "VHN-142510" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004566" }, { "db": "CNNVD", "id": "CNNVD-201905-597" }, { "db": "NVD", "id": "CVE-2019-10916" } ] }, "id": "VAR-201905-1322", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "5e23f13f-8869-4704-a7f2-72babe1680f8" }, { "db": "CNVD", "id": "CNVD-2019-14938" }, { "db": "VULHUB", "id": "VHN-142510" } ], "trust": 1.5496564849999999 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "5e23f13f-8869-4704-a7f2-72babe1680f8" }, { "db": "CNVD", "id": "CNVD-2019-14938" } ] }, "last_update_date": "2024-11-23T21:37:16.618000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-697412", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf" }, { "title": "Patch for Siemens SIMATIC PCS 7 and SIMATIC WinCC Input Validation Error Vulnerability (NVD-C-2019-65203)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/161835" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-14938" }, { "db": "JVNDB", "id": "JVNDB-2019-004566" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-89", "trust": 1.0 }, { "problemtype": "CWE-20", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-142510" }, { "db": "JVNDB", "id": "JVNDB-2019-004566" }, { "db": "NVD", "id": "CVE-2019-10916" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-08" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf" }, { "trust": 1.5, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-08" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10916" }, { "trust": 1.2, "url": "http://www.securityfocus.com/bid/108404" }, { "trust": 0.9, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10916" }, { "trust": 0.6, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/80946" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29286" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-14938" }, { "db": "VULHUB", "id": "VHN-142510" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004566" }, { "db": "CNNVD", "id": "CNNVD-201905-597" }, { "db": "NVD", "id": "CVE-2019-10916" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "5e23f13f-8869-4704-a7f2-72babe1680f8" }, { "db": "CNVD", "id": "CNVD-2019-14938" }, { "db": "VULHUB", "id": "VHN-142510" }, { "db": "BID", "id": "108404" }, { "db": "JVNDB", "id": "JVNDB-2019-004566" }, { "db": "CNNVD", "id": "CNNVD-201905-597" }, { "db": "NVD", "id": "CVE-2019-10916" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-21T00:00:00", "db": "IVD", "id": "5e23f13f-8869-4704-a7f2-72babe1680f8" }, { "date": "2019-05-21T00:00:00", "db": "CNVD", "id": "CNVD-2019-14938" }, { "date": "2019-05-14T00:00:00", "db": "VULHUB", "id": "VHN-142510" }, { "date": "2019-05-14T00:00:00", "db": "BID", "id": "108404" }, { "date": "2019-06-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004566" }, { "date": "2019-05-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-597" }, { "date": "2019-05-14T20:29:02.293000", "db": "NVD", "id": "CVE-2019-10916" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-21T00:00:00", "db": "CNVD", "id": "CNVD-2019-14938" }, { "date": "2019-10-10T00:00:00", "db": "VULHUB", "id": "VHN-142510" }, { "date": "2019-05-22T06:00:00", "db": "BID", "id": "108404" }, { "date": "2019-07-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004566" }, { "date": "2022-03-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-597" }, { "date": "2024-11-21T04:20:08.653000", "db": "NVD", "id": "CVE-2019-10916" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-597" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural SIMATIC Vulnerability related to input validation in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004566" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "SQL injection", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-597" } ], "trust": 0.6 } }
var-201812-0344
Vulnerability from variot
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V15 Update 4), SIMATIC WinCC Runtime Professional (All versions < V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions < V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The webserver of affected HMI devices may allow URL redirections to untrusted websites. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an open redirect vulnerability.Information may be obtained and information may be altered. Siemens SIMATIC HMI Comfort Panels are all Germany's Siemens (Siemens) company HMI software for control and monitoring of machines and equipment.
The webserver in several Siemens products has an open redirection vulnerability. Siemens SIMATIC Panels is prone to following security vulnerabilities: 1. An open-redirection vulnerability 2. A directory-traversal vulnerability Remote attackers may use a specially crafted request with directory-traversal sequences ('../') to retrieve arbitrary files from the affected system in the context of the application or by constructing a crafted URI and enticing a user to follow it and when an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201812-0344", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc runtime", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic hmi mp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi op", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi comfort panels", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic hmi comfort outdoor panels", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic wincc \\", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic hmi tp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "15.0" }, { "model": "simatic hmi comfort outdoor panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi comfort panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime advanced", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi classic devices", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic hmi comfort outdoor panels 7\" \u0026 15\" update", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "154" }, { "model": "simatic hmi comfort panels 4\"-22\" update", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "154" }, { "model": "simatic hmi ktp mobile panels update", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "154" }, { "model": "simatic wincc update", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "154" }, { "model": "simatic wincc runtime advanced update", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "154" }, { "model": "simatic wincc runtime professional update", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "154" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "simatic wincc runtime", "version": "*" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc runtime professional sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime professional sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime professional sp1 upd2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime professional sp update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1319" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc runtime advanced sp1 upd2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime advanced sp1 upd5", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v135" }, { "model": "simatic wincc sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v12" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v120" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v110" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v15" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v136" }, { "model": "simatic wincc sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v10" }, { "model": "simatic hmi ktp mobile panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "22" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic hmi comfort panels sp1 upd2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic hmi comfort panels sp1 upd5", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi comfort outdoor panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi classic devices", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc runtime professional update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "154" }, { "model": "simatic wincc runtime advanced update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "154" }, { "model": "simatic wincc update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "154" }, { "model": "simatic hmi ktp mobile panels update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "154" }, { "model": "simatic hmi comfort panels update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "154" }, { "model": "simatic hmi comfort outdoor panels update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "154" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi comfort panels", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi mp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi op", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi comfort outdoor panels", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp400f", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp700", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp700f", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp900", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp900f", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi tp", "version": "*" } ], "sources": [ { "db": "IVD", "id": "e30112c1-39ab-11e9-9eae-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-24247" }, { "db": "BID", "id": "105922" }, { "db": "JVNDB", "id": "JVNDB-2018-014526" }, { "db": "NVD", "id": "CVE-2018-13813" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_outdoor_panels_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-014526" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Hosni Tounsi from Carthage Red Team", "sources": [ { "db": "BID", "id": "105922" } ], "trust": 0.3 }, "cve": "CVE-2018-13813", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2018-13813", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2018-24247", "impactScore": 6.9, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "e30112c1-39ab-11e9-9eae-000c29342cb1", "impactScore": 6.9, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-123910", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2018-13813", "impactScore": 5.2, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2018-13813", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2018-13813", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2018-24247", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201811-483", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "e30112c1-39ab-11e9-9eae-000c29342cb1", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-123910", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "e30112c1-39ab-11e9-9eae-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-24247" }, { "db": "VULHUB", "id": "VHN-123910" }, { "db": "JVNDB", "id": "JVNDB-2018-014526" }, { "db": "CNNVD", "id": "CNNVD-201811-483" }, { "db": "NVD", "id": "CVE-2018-13813" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Professional (All versions \u003c V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions \u003c V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The webserver of affected HMI devices may allow URL redirections to untrusted websites. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an open redirect vulnerability.Information may be obtained and information may be altered. Siemens SIMATIC HMI Comfort Panels are all Germany\u0027s Siemens (Siemens) company HMI software for control and monitoring of machines and equipment. \n\nThe webserver in several Siemens products has an open redirection vulnerability. Siemens SIMATIC Panels is prone to following security vulnerabilities:\n1. An open-redirection vulnerability\n2. A directory-traversal vulnerability\nRemote attackers may use a specially crafted request with directory-traversal sequences (\u0027../\u0027) to retrieve arbitrary files from the affected system in the context of the application or by constructing a crafted URI and enticing a user to follow it and when an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site", "sources": [ { "db": "NVD", "id": "CVE-2018-13813" }, { "db": "JVNDB", "id": "JVNDB-2018-014526" }, { "db": "CNVD", "id": "CNVD-2018-24247" }, { "db": "BID", "id": "105922" }, { "db": "IVD", "id": "e30112c1-39ab-11e9-9eae-000c29342cb1" }, { "db": "VULHUB", "id": "VHN-123910" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-13813", "trust": 3.6 }, { "db": "SIEMENS", "id": "SSA-233109", "trust": 2.3 }, { "db": "ICS CERT", "id": "ICSA-18-317-08", "trust": 2.3 }, { "db": "BID", "id": "105922", "trust": 2.0 }, { "db": "CNNVD", "id": "CNNVD-201811-483", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2018-24247", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2018-014526", "trust": 0.8 }, { "db": "IVD", "id": "E30112C1-39AB-11E9-9EAE-000C29342CB1", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-123910", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "e30112c1-39ab-11e9-9eae-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-24247" }, { "db": "VULHUB", "id": "VHN-123910" }, { "db": "BID", "id": "105922" }, { "db": "JVNDB", "id": "JVNDB-2018-014526" }, { "db": "CNNVD", "id": "CNNVD-201811-483" }, { "db": "NVD", "id": "CVE-2018-13813" } ] }, "id": "VAR-201812-0344", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "e30112c1-39ab-11e9-9eae-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-24247" }, { "db": "VULHUB", "id": "VHN-123910" } ], "trust": 1.59438617 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "e30112c1-39ab-11e9-9eae-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-24247" } ] }, "last_update_date": "2024-11-23T22:17:14.847000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-233109", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf" }, { "title": "Patch for Multiple Siemens products open redirection vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/176377" }, { "title": "Multiple Siemens Product security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86884" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-24247" }, { "db": "JVNDB", "id": "JVNDB-2018-014526" }, { "db": "CNNVD", "id": "CNNVD-201811-483" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-601", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-123910" }, { "db": "JVNDB", "id": "JVNDB-2018-014526" }, { "db": "NVD", "id": "CVE-2018-13813" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf" }, { "trust": 2.3, "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-317-08" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105922" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13813" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-13813" }, { "trust": 0.3, "url": "http://subscriber.communications.siemens.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-24247" }, { "db": "VULHUB", "id": "VHN-123910" }, { "db": "BID", "id": "105922" }, { "db": "JVNDB", "id": "JVNDB-2018-014526" }, { "db": "CNNVD", "id": "CNNVD-201811-483" }, { "db": "NVD", "id": "CVE-2018-13813" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "e30112c1-39ab-11e9-9eae-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-24247" }, { "db": "VULHUB", "id": "VHN-123910" }, { "db": "BID", "id": "105922" }, { "db": "JVNDB", "id": "JVNDB-2018-014526" }, { "db": "CNNVD", "id": "CNNVD-201811-483" }, { "db": "NVD", "id": "CVE-2018-13813" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-11-29T00:00:00", "db": "IVD", "id": "e30112c1-39ab-11e9-9eae-000c29342cb1" }, { "date": "2018-11-29T00:00:00", "db": "CNVD", "id": "CNVD-2018-24247" }, { "date": "2018-12-13T00:00:00", "db": "VULHUB", "id": "VHN-123910" }, { "date": "2018-11-14T00:00:00", "db": "BID", "id": "105922" }, { "date": "2019-03-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-014526" }, { "date": "2018-11-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201811-483" }, { "date": "2018-12-13T16:29:00.320000", "db": "NVD", "id": "CVE-2018-13813" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-22T00:00:00", "db": "CNVD", "id": "CNVD-2018-24247" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-123910" }, { "date": "2018-11-14T00:00:00", "db": "BID", "id": "105922" }, { "date": "2019-03-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-014526" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201811-483" }, { "date": "2024-11-21T03:48:07.380000", "db": "NVD", "id": "CVE-2018-13813" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201811-483" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural SIMATIC Open redirect vulnerability in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-014526" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation error", "sources": [ { "db": "IVD", "id": "e30112c1-39ab-11e9-9eae-000c29342cb1" }, { "db": "BID", "id": "105922" }, { "db": "CNNVD", "id": "CNNVD-201811-483" } ], "trust": 1.1 } }
var-201905-0115
Vulnerability from variot
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known. plural SIMATIC The product contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Multiple Siemens Products are prone to following security vulnerabilities: 1. An information-disclosure vulnerability 2. A cross-site-scripting vulnerability 3. A security vulnerability An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC, etc. are all products of Siemens (Siemens) in Germany. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Siemens SIMATIC HMI Comfort Panels is a touch panel device. Siemens SIMATIC HMI Comfort Outdoor Panels is a touch panel device specially designed for outdoor use. The vulnerability stems from the lack of correct validation of client data in WEB applications
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201905-0115", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic hmi comfort outdoor panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc runtime", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc \\", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi mp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi comfort panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi op", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi tp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi comfort outdoor panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi comfort panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime advanced", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v15.1" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v15" }, { "model": "simatic hmi ktp mobile panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic hmi comfort outdoor panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi comfort outdoor panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15" }, { "model": "simatic hmi classic devices", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc runtime professional update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "v15.11" }, { "model": "simatic wincc runtime advanced update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "15.11" }, { "model": "simatic wincc update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "v15.11" }, { "model": "simatic hmi ktp mobile update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "15.11" }, { "model": "simatic hmi comfort panels update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "15.11" }, { "model": "simatic hmi comfort outdoor panels update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "15.11" } ], "sources": [ { "db": "BID", "id": "108412" }, { "db": "JVNDB", "id": "JVNDB-2019-004634" }, { "db": "NVD", "id": "CVE-2019-6577" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_outdoor_panels_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004634" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens ProductCERT reported these vulnerabilities to NCCIC.,Siemens ProductCERT", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-588" } ], "trust": 0.6 }, "cve": "CVE-2019-6577", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "exploitabilityScore": 6.8, "id": "CVE-2019-6577", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "LOW", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "exploitabilityScore": 6.8, "id": "VHN-158012", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "LOW", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 2.3, "id": "CVE-2019-6577", "impactScore": 2.7, "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "trust": 1.8, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-6577", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2019-6577", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-201905-588", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-158012", "trust": 0.1, "value": "LOW" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-158012" }, { "db": "JVNDB", "id": "JVNDB-2019-004634" }, { "db": "CNNVD", "id": "CNNVD-201905-588" }, { "db": "NVD", "id": "CVE-2019-6577" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known. plural SIMATIC The product contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Multiple Siemens Products are prone to following security vulnerabilities:\n1. An information-disclosure vulnerability\n2. A cross-site-scripting vulnerability\n3. A security vulnerability\nAn attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Siemens SIMATIC WinCC, etc. are all products of Siemens (Siemens) in Germany. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Siemens SIMATIC HMI Comfort Panels is a touch panel device. Siemens SIMATIC HMI Comfort Outdoor Panels is a touch panel device specially designed for outdoor use. The vulnerability stems from the lack of correct validation of client data in WEB applications", "sources": [ { "db": "NVD", "id": "CVE-2019-6577" }, { "db": "JVNDB", "id": "JVNDB-2019-004634" }, { "db": "BID", "id": "108412" }, { "db": "VULHUB", "id": "VHN-158012" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-6577", "trust": 2.8 }, { "db": "ICS CERT", "id": "ICSA-19-134-09", "trust": 2.8 }, { "db": "BID", "id": "108412", "trust": 2.0 }, { "db": "SIEMENS", "id": "SSA-804486", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2019-004634", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201905-588", "trust": 0.7 }, { "db": "ICS CERT", "id": "ICSA-19-134-02", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.1716.2", "trust": 0.6 }, { "db": "CNVD", "id": "CNVD-2021-54365", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-158012", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-158012" }, { "db": "BID", "id": "108412" }, { "db": "JVNDB", "id": "JVNDB-2019-004634" }, { "db": "CNNVD", "id": "CNNVD-201905-588" }, { "db": "NVD", "id": "CVE-2019-6577" } ] }, "id": "VAR-201905-0115", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-158012" } ], "trust": 0.7545892989999999 }, "last_update_date": "2024-11-23T21:37:16.753000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-804486", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf" }, { "title": "Siemens SIMATIC Panels and WinCC Fixes for cross-site scripting vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92738" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004634" }, { "db": "CNNVD", "id": "CNNVD-201905-588" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-79", "trust": 1.9 }, { "problemtype": "CWE-80", "trust": 1.0 } ], "sources": [ { "db": "VULHUB", "id": "VHN-158012" }, { "db": "JVNDB", "id": "JVNDB-2019-004634" }, { "db": "NVD", "id": "CVE-2019-6577" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "http://www.securityfocus.com/bid/108412" }, { "trust": 1.9, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-09" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6577" }, { "trust": 0.9, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.9, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-09" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6577" }, { "trust": 0.6, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29288" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/80946" } ], "sources": [ { "db": "VULHUB", "id": "VHN-158012" }, { "db": "BID", "id": "108412" }, { "db": "JVNDB", "id": "JVNDB-2019-004634" }, { "db": "CNNVD", "id": "CNNVD-201905-588" }, { "db": "NVD", "id": "CVE-2019-6577" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-158012" }, { "db": "BID", "id": "108412" }, { "db": "JVNDB", "id": "JVNDB-2019-004634" }, { "db": "CNNVD", "id": "CNNVD-201905-588" }, { "db": "NVD", "id": "CVE-2019-6577" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-14T00:00:00", "db": "VULHUB", "id": "VHN-158012" }, { "date": "2019-05-14T00:00:00", "db": "BID", "id": "108412" }, { "date": "2019-06-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004634" }, { "date": "2019-05-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-588" }, { "date": "2019-05-14T20:29:04.623000", "db": "NVD", "id": "CVE-2019-6577" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-22T00:00:00", "db": "VULHUB", "id": "VHN-158012" }, { "date": "2019-05-14T00:00:00", "db": "BID", "id": "108412" }, { "date": "2019-07-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-004634" }, { "date": "2019-05-23T00:00:00", "db": "CNNVD", "id": "CNNVD-201905-588" }, { "date": "2024-11-21T04:46:44.267000", "db": "NVD", "id": "CVE-2019-6577" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-588" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural SIMATIC Product cross-site scripting vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-004634" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "XSS", "sources": [ { "db": "CNNVD", "id": "CNNVD-201905-588" } ], "trust": 0.6 } }
var-201702-0669
Vulnerability from variot
Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication. SIMATIC WinCC, SIMATIC PCS 7, SIMATIC PDM and SIMATIC IT are all industrial automation products from Siemens AG.
There is a certification bypass vulnerability in SIEMENS SIMATIC Logon. An attacker could exploit the vulnerability to bypass authentication mechanisms and perform unauthorized operations. This may aid in further attacks. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. A security vulnerability exists in versions prior to SIMATIC Logon 1.5 SP3 Update 2 in several Siemens SIMATIC products. The following products and versions are affected: Siemens SIMATIC WinCC Version 7.x; SIMATIC WinCC Runtime Professional; SIMATIC PCS 7; SIMATIC PDM; SIMATIC IT
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201702-0669", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic logon", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "1.5" }, { "model": "simatic logon", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "1.5 sp3 update 2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.x" }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7" }, { "model": "simatic pdm", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic it", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic logon", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1.5" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.41" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.32" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.310" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.31" }, { "model": "simatic wincc upd4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.29" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.28" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.21" }, { "model": "simatic wincc upd4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc upd11", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc sp3 upd", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.08" }, { "model": "simatic wincc sp3", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc sp2 upd", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.012" }, { "model": "simatic wincc sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc sp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.03" }, { "model": "simatic wincc sp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.02" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic pdm", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.2" }, { "model": "simatic pcs sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.1" }, { "model": "simatic pcs sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78" }, { "model": "simatic pcs sp4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77" }, { "model": "simatic logon", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic it", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic logon sp3 update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "1.52" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic logon", "version": "*" } ], "sources": [ { "db": "IVD", "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945" }, { "db": "CNVD", "id": "CNVD-2017-01343" }, { "db": "BID", "id": "96208" }, { "db": "JVNDB", "id": "JVNDB-2017-002227" }, { "db": "CNNVD", "id": "CNNVD-201702-612" }, { "db": "NVD", "id": "CVE-2017-2684" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_logon", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-002227" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The vendor reported the issue.", "sources": [ { "db": "BID", "id": "96208" } ], "trust": 0.3 }, "cve": "CVE-2017-2684", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2017-2684", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 4.9, "id": "CNVD-2017-01343", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 4.9, "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-110887", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "HIGH", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.2, "id": "CVE-2017-2684", "impactScore": 6.0, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.8, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2017-2684", "trust": 1.0, "value": "CRITICAL" }, { "author": "NVD", "id": "CVE-2017-2684", "trust": 0.8, "value": "Critical" }, { "author": "CNVD", "id": "CNVD-2017-01343", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201702-612", "trust": 0.6, "value": "CRITICAL" }, { "author": "IVD", "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945", "trust": 0.2, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-110887", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945" }, { "db": "CNVD", "id": "CNVD-2017-01343" }, { "db": "VULHUB", "id": "VHN-110887" }, { "db": "JVNDB", "id": "JVNDB-2017-002227" }, { "db": "CNNVD", "id": "CNNVD-201702-612" }, { "db": "NVD", "id": "CVE-2017-2684" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication. SIMATIC WinCC, SIMATIC PCS 7, SIMATIC PDM and SIMATIC IT are all industrial automation products from Siemens AG. \n\nThere is a certification bypass vulnerability in SIEMENS SIMATIC Logon. An attacker could exploit the vulnerability to bypass authentication mechanisms and perform unauthorized operations. This may aid in further attacks. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. A security vulnerability exists in versions prior to SIMATIC Logon 1.5 SP3 Update 2 in several Siemens SIMATIC products. The following products and versions are affected: Siemens SIMATIC WinCC Version 7.x; SIMATIC WinCC Runtime Professional; SIMATIC PCS 7; SIMATIC PDM; SIMATIC IT", "sources": [ { "db": "NVD", "id": "CVE-2017-2684" }, { "db": "JVNDB", "id": "JVNDB-2017-002227" }, { "db": "CNVD", "id": "CNVD-2017-01343" }, { "db": "BID", "id": "96208" }, { "db": "IVD", "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945" }, { "db": "VULHUB", "id": "VHN-110887" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2017-2684", "trust": 3.6 }, { "db": "SIEMENS", "id": "SSA-931064", "trust": 2.3 }, { "db": "BID", "id": "96208", "trust": 2.0 }, { "db": "ICS CERT", "id": "ICSA-17-045-03", "trust": 1.1 }, { "db": "CNNVD", "id": "CNNVD-201702-612", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2017-01343", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2017-002227", "trust": 0.8 }, { "db": "IVD", "id": "9BC72032-E004-41AC-BCE6-0E6FF85B8945", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-110887", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945" }, { "db": "CNVD", "id": "CNVD-2017-01343" }, { "db": "VULHUB", "id": "VHN-110887" }, { "db": "BID", "id": "96208" }, { "db": "JVNDB", "id": "JVNDB-2017-002227" }, { "db": "CNNVD", "id": "CNNVD-201702-612" }, { "db": "NVD", "id": "CVE-2017-2684" } ] }, "id": "VAR-201702-0669", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945" }, { "db": "CNVD", "id": "CNVD-2017-01343" }, { "db": "VULHUB", "id": "VHN-110887" } ], "trust": 1.5551800569999998 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945" }, { "db": "CNVD", "id": "CNVD-2017-01343" } ] }, "last_update_date": "2024-11-23T22:18:06.049000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-931064", "trust": 0.8, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf" }, { "title": "Patch for SIEMENS SIMATIC Logon Certification Bypass Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/176385" }, { "title": "Multiple Siemens SIMATIC Product security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68203" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-01343" }, { "db": "JVNDB", "id": "JVNDB-2017-002227" }, { "db": "CNNVD", "id": "CNNVD-201702-612" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-592", "trust": 1.0 }, { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "CWE-284", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-110887" }, { "db": "JVNDB", "id": "JVNDB-2017-002227" }, { "db": "NVD", "id": "CVE-2017-2684" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-931064.pdf" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/96208" }, { "trust": 1.1, "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-045-03" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2684" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2684" }, { "trust": 0.6, "url": "http://www.siemens.com/cert/en/cert-security-advisories.htm" }, { "trust": 0.3, "url": "http://www.siemens.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-01343" }, { "db": "VULHUB", "id": "VHN-110887" }, { "db": "BID", "id": "96208" }, { "db": "JVNDB", "id": "JVNDB-2017-002227" }, { "db": "CNNVD", "id": "CNNVD-201702-612" }, { "db": "NVD", "id": "CVE-2017-2684" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945" }, { "db": "CNVD", "id": "CNVD-2017-01343" }, { "db": "VULHUB", "id": "VHN-110887" }, { "db": "BID", "id": "96208" }, { "db": "JVNDB", "id": "JVNDB-2017-002227" }, { "db": "CNNVD", "id": "CNNVD-201702-612" }, { "db": "NVD", "id": "CVE-2017-2684" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-02-14T00:00:00", "db": "IVD", "id": "9bc72032-e004-41ac-bce6-0e6ff85b8945" }, { "date": "2017-02-14T00:00:00", "db": "CNVD", "id": "CNVD-2017-01343" }, { "date": "2017-02-22T00:00:00", "db": "VULHUB", "id": "VHN-110887" }, { "date": "2017-02-14T00:00:00", "db": "BID", "id": "96208" }, { "date": "2017-04-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-002227" }, { "date": "2017-02-20T00:00:00", "db": "CNNVD", "id": "CNNVD-201702-612" }, { "date": "2017-02-22T02:59:00.153000", "db": "NVD", "id": "CVE-2017-2684" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-22T00:00:00", "db": "CNVD", "id": "CNVD-2017-01343" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-110887" }, { "date": "2017-03-07T04:02:00", "db": "BID", "id": "96208" }, { "date": "2017-09-11T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-002227" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201702-612" }, { "date": "2024-11-21T03:23:58.447000", "db": "NVD", "id": "CVE-2017-2684" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201702-612" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens SIMATIC Logon Vulnerabilities that bypass application-level authentication", "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-002227" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "lack of information", "sources": [ { "db": "CNNVD", "id": "CNNVD-201702-612" } ], "trust": 0.6 } }
var-202405-0210
Vulnerability from variot
A vulnerability has been identified in S7-PCT (All versions), Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions < V5.0 SP2), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions < V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions < V18 SP1), SIMATIC NET PC Software V19 (All versions < V19 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PDM V9.2 (All versions < V9.2 SP2 Upd3), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 Upd3), SIMATIC STEP 7 V5 (All versions), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions < V3.18 P025), SIMATIC WinCC OA V3.19 (All versions < V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC Unified PC Runtime V18 (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5), SINAMICS Startdrive (All versions < V19 SP1), SINEC NMS (All versions < V3.0), SINEC NMS (All versions < V3.0 SP1), SINUMERIK ONE virtual (All versions < V6.23), SINUMERIK PLC Programming Tool (All versions < V3.3.12), TIA Portal Cloud Connector (All versions < V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 2). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel. S7 PCT (Port Configuration Tool) is a PC-based software for parameterizing Siemens IO-Link master modules and third-party IO-Link devices. Security Configuration Tool (SCT) is an engineering software for safety devices such as SCALANCE-S or CP 443-1Advanced. SIMATIC Automation Tool allows commissioning, adjustment and service in combination with S7-1200 and S7-1500 controllers without an engineering framework. SIMATIC NET PC software is a separately sold software product for implementing communication products for SIMATIC.NET. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components. SIMATIC PDM (Process Device Manager) is a universal, manufacturer-independent tool for configuration, parameter assignment, commissioning, diagnostics and maintenance of intelligent process devices (actuators, sensors) and automation components (remote I/O, multiplexers, process control units, compact controllers). SIMATIC STEP 7 V5 is the classic engineering software for configuring and programming SIMATIC S7-300/S7-400/C7/WinAC controllers. SIMATIC WinCC is a Supervisory Control and Data Acquisition (SCADA) system. SIMATIC WinCC Open Architecture (OA) is part of the SIMATIC HMI family. It is designed for applications that require a high degree of customer-specific adaptability, large or complex applications, and projects that impose specific system requirements or functions. SIMATIC WinCC Runtime Advanced is a visualization runtime platform for operator control and monitoring of machines and plants. SIMATIC WinCC Runtime Professional is a visualization runtime platform for operator control and monitoring of machines and plants. SIMATIC WinCC Unified PC Runtime is a new visualization runtime platform for operator control and monitoring of machines and plants. SINAMICS Startdrive commissioning software is the engineering tool for integrating SINAMICS drives in the TIA Portal. SINUMERIK CNC provides automation solutions for workshops, shop floors and large serial production environments. SINUMERIK ONE is a digital native CNC system. Totally Integrated Automation Portal (TIA Portal) is a PC software that provides the complete range of Siemens digital automation services, from digital planning and integrated engineering to transparent operation. TIA Portal Cloud Connector enables access to local PG/PC interfaces and connected SIMATIC hardware from TIA Portal Engineering when engineering via remote desktop on a private cloud server
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202405-0210", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "security configuration tool", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic automation tool", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic net pc software", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc oa", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v3.17" }, { "model": "totally integrated automation portal", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v16" }, { "model": "totally integrated automation portal", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v17" }, { "model": "totally integrated automation portal", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v18" }, { "model": "totally integrated automation portal", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v15.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v9.1" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v17" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v18" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v19" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v8.0" }, { "model": "totally integrated automation portal update", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v19\u003cv192" }, { "model": "tia portal cloud connector", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.0" }, { "model": "sinumerik plc programming tool", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinumerik one virtual", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v6.23" }, { "model": "sinamics startdrive sp1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v19" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.5" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "simatic wincc unified pc runtime", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v16" }, { "model": "simatic wincc oa p010", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v3.19\u003cv3.19" }, { "model": "simatic wincc oa p025", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v3.18\u003cv3.18" }, { "model": "simatic step", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7v5" }, { "model": "simatic route control", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v9.1" }, { "model": "simatic pdm", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v9.2" }, { "model": "simatic batch", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v9.1" }, { "model": "s7-pct", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-24524" } ] }, "cve": "CVE-2023-46280", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 4.6, "confidentialityImpact": "NONE", "exploitabilityScore": 3.1, "id": "CNVD-2024-24524", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "productcert@siemens.com", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.0, "id": "CVE-2023-46280", "impactScore": 4.0, "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" } ], "severity": [ { "author": "productcert@siemens.com", "id": "CVE-2023-46280", "trust": 1.0, "value": "High" }, { "author": "CNVD", "id": "CNVD-2024-24524", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-24524" }, { "db": "NVD", "id": "CVE-2023-46280" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in S7-PCT (All versions), Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions \u003c V5.0 SP2), SIMATIC BATCH V9.1 (All versions \u003c V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions \u003c V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions \u003c V18 SP1), SIMATIC NET PC Software V19 (All versions \u003c V19 Update 2), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC PDM V9.2 (All versions \u003c V9.2 SP2 Upd3), SIMATIC Route Control V9.1 (All versions \u003c V9.1 SP2 Upd3), SIMATIC STEP 7 V5 (All versions), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions \u003c V3.18 P025), SIMATIC WinCC OA V3.19 (All versions \u003c V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions), SIMATIC WinCC Runtime Professional V16 (All versions \u003c V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions \u003c V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions \u003c V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions \u003c V19 Update 2), SIMATIC WinCC Unified PC Runtime V18 (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions \u003c V8.0 Update 5), SINAMICS Startdrive (All versions \u003c V19 SP1), SINEC NMS (All versions \u003c V3.0), SINEC NMS (All versions \u003c V3.0 SP1), SINUMERIK ONE virtual (All versions \u003c V6.23), SINUMERIK PLC Programming Tool (All versions \u003c V3.3.12), TIA Portal Cloud Connector (All versions \u003c V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions \u003c V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions \u003c V19 Update 2). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel. S7 PCT (Port Configuration Tool) is a PC-based software for parameterizing Siemens IO-Link master modules and third-party IO-Link devices. Security Configuration Tool (SCT) is an engineering software for safety devices such as SCALANCE-S or CP 443-1Advanced. SIMATIC Automation Tool allows commissioning, adjustment and service in combination with S7-1200 and S7-1500 controllers without an engineering framework. SIMATIC NET PC software is a separately sold software product for implementing communication products for SIMATIC.NET. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components. SIMATIC PDM (Process Device Manager) is a universal, manufacturer-independent tool for configuration, parameter assignment, commissioning, diagnostics and maintenance of intelligent process devices (actuators, sensors) and automation components (remote I/O, multiplexers, process control units, compact controllers). SIMATIC STEP 7 V5 is the classic engineering software for configuring and programming SIMATIC S7-300/S7-400/C7/WinAC controllers. SIMATIC WinCC is a Supervisory Control and Data Acquisition (SCADA) system. SIMATIC WinCC Open Architecture (OA) is part of the SIMATIC HMI family. It is designed for applications that require a high degree of customer-specific adaptability, large or complex applications, and projects that impose specific system requirements or functions. SIMATIC WinCC Runtime Advanced is a visualization runtime platform for operator control and monitoring of machines and plants. SIMATIC WinCC Runtime Professional is a visualization runtime platform for operator control and monitoring of machines and plants. SIMATIC WinCC Unified PC Runtime is a new visualization runtime platform for operator control and monitoring of machines and plants. SINAMICS Startdrive commissioning software is the engineering tool for integrating SINAMICS drives in the TIA Portal. SINUMERIK CNC provides automation solutions for workshops, shop floors and large serial production environments. SINUMERIK ONE is a digital native CNC system. Totally Integrated Automation Portal (TIA Portal) is a PC software that provides the complete range of Siemens digital automation services, from digital planning and integrated engineering to transparent operation. TIA Portal Cloud Connector enables access to local PG/PC interfaces and connected SIMATIC hardware from TIA Portal Engineering when engineering via remote desktop on a private cloud server", "sources": [ { "db": "NVD", "id": "CVE-2023-46280" }, { "db": "CNVD", "id": "CNVD-2024-24524" } ], "trust": 1.44 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "SIEMENS", "id": "SSA-962515", "trust": 1.6 }, { "db": "NVD", "id": "CVE-2023-46280", "trust": 1.6 }, { "db": "SIEMENS", "id": "SSA-784301", "trust": 1.0 }, { "db": "SIEMENS", "id": "SSA-331112", "trust": 1.0 }, { "db": "CNVD", "id": "CNVD-2024-24524", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-24524" }, { "db": "NVD", "id": "CVE-2023-46280" } ] }, "id": "VAR-202405-0210", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2024-24524" } ], "trust": 1.2706952166666667 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-24524" } ] }, "last_update_date": "2024-11-13T19:49:07.316000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Siemens Industrial Products Out-of-Bounds Read Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/547666" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-24524" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-125", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2023-46280" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.6, "url": "https://cert-portal.siemens.com/productcert/html/ssa-962515.html" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-331112.html" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2024-24524" }, { "db": "NVD", "id": "CVE-2023-46280" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2024-24524" }, { "db": "NVD", "id": "CVE-2023-46280" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-05-30T00:00:00", "db": "CNVD", "id": "CNVD-2024-24524" }, { "date": "2024-05-14T16:15:40.800000", "db": "NVD", "id": "CVE-2023-46280" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-05-28T00:00:00", "db": "CNVD", "id": "CNVD-2024-24524" }, { "date": "2024-11-12T13:15:05.960000", "db": "NVD", "id": "CVE-2023-46280" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens Industrial Products Out-of-Bounds Read Vulnerability", "sources": [ { "db": "CNVD", "id": "CNVD-2024-24524" } ], "trust": 0.6 } }
var-201705-3974
Vulnerability from variot
A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the "administrators" group to crash services by sending specially crafted messages to the DCOM interface. Siemens SIMATIC WinCC and SIMATIC WinCC Runtime Professional are industrial automation products from Siemens AG. SIMATIC WinCC is a monitoring and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is the control and monitoring of the operator's visual runtime platform machines and equipment. Multiple SIMATIC WinCC Products are prone to a denial-of-service vulnerability. The following products are vulnerable: SIMATIC WinCC 7.3 versions prior to 7.3 Update 11 SIMATIC WinCC 7.4 versions prior to 7.4 SP1 SIMATIC WinCC Runtime Professional 13 versions prior to 13 SP2 SIMATIC WinCC Runtime Professional 14 versions prior to 14 SP1 SIMATIC WinCC (TIA Portal) Professional 13 versions prior to 13 SP2 SIMATIC WinCC (TIA Portal) Professional 14 versions prior to 14 SP1. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. Security vulnerabilities exist in several Siemens products
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201705-3974", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc", "scope": "eq", "trust": 1.9, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.9, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc runtime", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "14 sp1" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.3 update 11" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.4 sp1" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc runtime professional", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "14 sp1" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "13 sp2" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "13 sp2" }, { "model": "simatic wincc runtime professional", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc upd", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v7.311" }, { "model": "simatic wincc sp1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v7.4" }, { "model": "simatic wincc runtime professional sp2", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc runtime professional sp1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v14" }, { "model": "simatic wincc professional sp2", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v13" }, { "model": "simatic wincc professional sp1", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v14" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.32" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.310" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.31" }, { "model": "simatic wincc runtime professional sp1", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime professional sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc professional sp1", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc professional sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc sp1", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc update", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.311" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.3" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "13" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": "14" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime", "version": "13" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime", "version": "14" } ], "sources": [ { "db": "IVD", "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39" }, { "db": "CNVD", "id": "CNVD-2017-06154" }, { "db": "BID", "id": "98368" }, { "db": "JVNDB", "id": "JVNDB-2017-004058" }, { "db": "CNNVD", "id": "CNNVD-201703-630" }, { "db": "NVD", "id": "CVE-2017-6867" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:siemens:simatic_wincc", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29", "vulnerable": true }, { "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-004058" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Sergey Temnikov and Vladimir Dashchenko of the Kaspersky Lab Critical Infrastructure Defense Team", "sources": [ { "db": "BID", "id": "98368" } ], "trust": 0.3 }, "cve": "CVE-2017-6867", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "exploitabilityScore": 8.0, "id": "CVE-2017-6867", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2017-06154", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "exploitabilityScore": 8.0, "id": "VHN-115070", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 1.2, "id": "CVE-2017-6867", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.8, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2017-6867", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2017-6867", "trust": 0.8, "value": "Medium" }, { "author": "CNVD", "id": "CNVD-2017-06154", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201703-630", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-115070", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39" }, { "db": "CNVD", "id": "CNVD-2017-06154" }, { "db": "VULHUB", "id": "VHN-115070" }, { "db": "JVNDB", "id": "JVNDB-2017-004058" }, { "db": "CNNVD", "id": "CNNVD-201703-630" }, { "db": "NVD", "id": "CVE-2017-6867" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the \"administrators\" group to crash services by sending specially crafted messages to the DCOM interface. Siemens SIMATIC WinCC and SIMATIC WinCC Runtime Professional are industrial automation products from Siemens AG. SIMATIC WinCC is a monitoring and data acquisition (SCADA) system. SIMATIC WinCC Runtime Professional is the control and monitoring of the operator\u0027s visual runtime platform machines and equipment. Multiple SIMATIC WinCC Products are prone to a denial-of-service vulnerability. \nThe following products are vulnerable:\nSIMATIC WinCC 7.3 versions prior to 7.3 Update 11\nSIMATIC WinCC 7.4 versions prior to 7.4 SP1\nSIMATIC WinCC Runtime Professional 13 versions prior to 13 SP2\nSIMATIC WinCC Runtime Professional 14 versions prior to 14 SP1\nSIMATIC WinCC (TIA Portal) Professional 13 versions prior to 13 SP2\nSIMATIC WinCC (TIA Portal) Professional 14 versions prior to 14 SP1. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC. Security vulnerabilities exist in several Siemens products", "sources": [ { "db": "NVD", "id": "CVE-2017-6867" }, { "db": "JVNDB", "id": "JVNDB-2017-004058" }, { "db": "CNVD", "id": "CNVD-2017-06154" }, { "db": "BID", "id": "98368" }, { "db": "IVD", "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39" }, { "db": "VULHUB", "id": "VHN-115070" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2017-6867", "trust": 3.6 }, { "db": "SIEMENS", "id": "SSA-156872", "trust": 2.3 }, { "db": "BID", "id": "98368", "trust": 2.0 }, { "db": "SIEMENS", "id": "SSA-523365", "trust": 1.1 }, { "db": "CNNVD", "id": "CNNVD-201703-630", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2017-06154", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-17-306-01", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2017-004058", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-17-129-03", "trust": 0.3 }, { "db": "IVD", "id": "81C5D14F-8537-4B60-AA16-B99AEC0C6E39", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-115070", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39" }, { "db": "CNVD", "id": "CNVD-2017-06154" }, { "db": "VULHUB", "id": "VHN-115070" }, { "db": "BID", "id": "98368" }, { "db": "JVNDB", "id": "JVNDB-2017-004058" }, { "db": "CNNVD", "id": "CNNVD-201703-630" }, { "db": "NVD", "id": "CVE-2017-6867" } ] }, "id": "VAR-201705-3974", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39" }, { "db": "CNVD", "id": "CNVD-2017-06154" }, { "db": "VULHUB", "id": "VHN-115070" } ], "trust": 1.576931954 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39" }, { "db": "CNVD", "id": "CNVD-2017-06154" } ] }, "last_update_date": "2024-11-23T22:07:25.708000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-156872", "trust": 0.8, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf" }, { "title": "Patch for Siemens SIMATIC WinCC and SIMATIC WinCC Runtime Professional Denial of Service Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/176383" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-06154" }, { "db": "JVNDB", "id": "JVNDB-2017-004058" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 }, { "problemtype": "CWE-787", "trust": 1.0 } ], "sources": [ { "db": "VULHUB", "id": "VHN-115070" }, { "db": "JVNDB", "id": "JVNDB-2017-004058" }, { "db": "NVD", "id": "CVE-2017-6867" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/98368" }, { "trust": 1.1, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6867" }, { "trust": 0.8, "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-306-01" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-6867" }, { "trust": 0.6, "url": "http://www.siemens.com/cert/en/cert-security-advisories.htm" }, { "trust": 0.3, "url": "http://www.siemens.com/" }, { "trust": 0.3, "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-129-03" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-06154" }, { "db": "VULHUB", "id": "VHN-115070" }, { "db": "BID", "id": "98368" }, { "db": "JVNDB", "id": "JVNDB-2017-004058" }, { "db": "CNNVD", "id": "CNNVD-201703-630" }, { "db": "NVD", "id": "CVE-2017-6867" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39" }, { "db": "CNVD", "id": "CNVD-2017-06154" }, { "db": "VULHUB", "id": "VHN-115070" }, { "db": "BID", "id": "98368" }, { "db": "JVNDB", "id": "JVNDB-2017-004058" }, { "db": "CNNVD", "id": "CNNVD-201703-630" }, { "db": "NVD", "id": "CVE-2017-6867" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-05-09T00:00:00", "db": "IVD", "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39" }, { "date": "2017-05-09T00:00:00", "db": "CNVD", "id": "CNVD-2017-06154" }, { "date": "2017-05-11T00:00:00", "db": "VULHUB", "id": "VHN-115070" }, { "date": "2017-05-09T00:00:00", "db": "BID", "id": "98368" }, { "date": "2017-06-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-004058" }, { "date": "2017-03-16T00:00:00", "db": "CNNVD", "id": "CNNVD-201703-630" }, { "date": "2017-05-11T10:29:00.260000", "db": "NVD", "id": "CVE-2017-6867" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-22T00:00:00", "db": "CNVD", "id": "CNVD-2017-06154" }, { "date": "2018-06-14T00:00:00", "db": "VULHUB", "id": "VHN-115070" }, { "date": "2017-05-23T16:23:00", "db": "BID", "id": "98368" }, { "date": "2018-06-13T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-004058" }, { "date": "2017-05-31T00:00:00", "db": "CNNVD", "id": "CNNVD-201703-630" }, { "date": "2024-11-21T03:30:41.697000", "db": "NVD", "id": "CVE-2017-6867" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201703-630" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Siemens SIMATIC Vulnerability that can crash services in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-004058" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation", "sources": [ { "db": "IVD", "id": "81c5d14f-8537-4b60-aa16-b99aec0c6e39" }, { "db": "CNNVD", "id": "CNNVD-201703-630" } ], "trust": 0.8 } }
cve-2019-10929
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf | x_refsource_MISC | |
https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf | x_refsource_MISC | |
https://www.us-cert.gov/ics/advisories/icsa-19-344-04 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:40:15.230Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.us-cert.gov/ics/advisories/icsa-19-344-04" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "SIMATIC CP 1626", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V20.8" } ] }, { "product": "SIMATIC HMI Panel (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC NET PC Software V14", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V14 SP1 Update 14" } ] }, { "product": "SIMATIC NET PC Software V15", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.4.0" } ] }, { "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.8.1" } ] }, { "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V20.8" } ] }, { "product": "SIMATIC S7-PLCSIM Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.0" } ] }, { "product": "SIMATIC STEP 7 (TIA Portal)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V16" } ] }, { "product": "SIMATIC WinCC (TIA Portal)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V16" } ] }, { "product": "SIMATIC WinCC OA", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.16 P013" } ] }, { "product": "SIMATIC WinCC Runtime Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V16" } ] }, { "product": "SIMATIC WinCC Runtime Professional", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V16" } ] }, { "product": "TIM 1531 IRC (incl. SIPLUS NET variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.8.1), SIMATIC S7-1500 Software Controller (All versions \u003c V20.8), SIMATIC S7-PLCSIM Advanced (All versions \u003c V3.0), SIMATIC STEP 7 (TIA Portal) (All versions \u003c V16), SIMATIC WinCC (TIA Portal) (All versions \u003c V16), SIMATIC WinCC OA (All versions \u003c V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions \u003c V16), SIMATIC WinCC Runtime Professional (All versions \u003c V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions \u003c V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-327", "description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-10T11:16:07", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.us-cert.gov/ics/advisories/icsa-19-344-04" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "productcert@siemens.com", "ID": "CVE-2019-10929", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "SIMATIC CP 1626", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V20.8" } ] } }, { "product_name": "SIMATIC HMI Panel (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC NET PC Software V14", "version": { "version_data": [ { "version_value": "All versions \u003c V14 SP1 Update 14" } ] } }, { "product_name": "SIMATIC NET PC Software V15", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V4.4.0" } ] } }, { "product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V2.8.1" } ] } }, { "product_name": "SIMATIC S7-1500 Software Controller", "version": { "version_data": [ { "version_value": "All versions \u003c V20.8" } ] } }, { "product_name": "SIMATIC S7-PLCSIM Advanced", "version": { "version_data": [ { "version_value": "All versions \u003c V3.0" } ] } }, { "product_name": "SIMATIC STEP 7 (TIA Portal)", "version": { "version_data": [ { "version_value": "All versions \u003c V16" } ] } }, { "product_name": "SIMATIC WinCC (TIA Portal)", "version": { "version_data": [ { "version_value": "All versions \u003c V16" } ] } }, { "product_name": "SIMATIC WinCC OA", "version": { "version_data": [ { "version_value": "All versions \u003c V3.16 P013" } ] } }, { "product_name": "SIMATIC WinCC Runtime Advanced", "version": { "version_data": [ { "version_value": "All versions \u003c V16" } ] } }, { "product_name": "SIMATIC WinCC Runtime Professional", "version": { "version_data": [ { "version_value": "All versions \u003c V16" } ] } }, { "product_name": "TIM 1531 IRC (incl. SIPLUS NET variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V2.1" } ] } } ] }, "vendor_name": "Siemens" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.8.1), SIMATIC S7-1500 Software Controller (All versions \u003c V20.8), SIMATIC S7-PLCSIM Advanced (All versions \u003c V3.0), SIMATIC STEP 7 (TIA Portal) (All versions \u003c V16), SIMATIC WinCC (TIA Portal) (All versions \u003c V16), SIMATIC WinCC OA (All versions \u003c V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions \u003c V16), SIMATIC WinCC Runtime Professional (All versions \u003c V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions \u003c V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm" } ] } ] }, "references": { "reference_data": [ { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf" }, { "name": "https://www.us-cert.gov/ics/advisories/icsa-19-344-04", "refsource": "MISC", "url": "https://www.us-cert.gov/ics/advisories/icsa-19-344-04" } ] } } } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2019-10929", "datePublished": "2019-08-13T18:55:57", "dateReserved": "2019-04-08T00:00:00", "dateUpdated": "2024-08-04T22:40:15.230Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }