All the vulnerabilites related to Siemens - SINAMICS S210
cve-2019-6568
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T20:23:22.207Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIMATIC CP 1604", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 1616", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 343-1 Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 443-1", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 443-1", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 443-1 Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC CP 443-1 OPC UA", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM154-8 PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM154-8F PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM154-8FX PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200S IM151-8 PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200S IM151-8F PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1.6" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.7" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1 Upd4" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1 Upd4" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1 Upd4" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC IPC DiagMonitor", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.1.3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC RF182C", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC RF185C", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.1.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC RF186C", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.1.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC RF188C", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.1.0" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC RF600R family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC RFID 181EIP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.6.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.7" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 314C-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 315-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 315F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 315T-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317T-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317TF-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 319-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 319F-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-PLCSIM Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.0 SP1 UPD1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Teleservice Adapter IE Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Teleservice Adapter IE Basic", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC Teleservice Adapter IE Standard", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinAC RTX 2010", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2010 SP3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinAC RTX F 2010", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2010 SP3" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinCC Runtime Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1 Upd4" } ] }, { "defaultStatus": "unknown", "product": "SIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.1.3" } ] }, { "defaultStatus": "unknown", "product": "SIMOCODE pro V PROFINET (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1.3" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V4.6 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V4.7 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V4.7 SP1 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V4.8 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF6" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V5.1 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G130 V5.1 SP1 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.1 SP1 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 V4.6 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 V4.7 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 V4.7 SP1 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 V4.8 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF6" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 V5.1 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS G150 V5.1 SP1 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.1 SP1 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GH150 V4.7 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GH150 V4.8 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP2 HF9" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GL150 V4.7 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GL150 V4.8 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP2 HF9" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GM150 V4.7 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS GM150 V4.8 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP2 HF9" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V4.6 Control Unit (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V4.7 SP1 Control Unit (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V4.8 Control Unit (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF6" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V5.1 Control Unit (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S120 V5.1 SP1 Control Unit (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.1 SP1 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 V4.6 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 V4.7 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 V4.7 SP1 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 V4.8 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 HF6" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 V5.1 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S150 V5.1 SP1 Control Unit", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.1 SP1 HF4" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS S210", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.1 SP1 HF8" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SL150 V4.7 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.7 HF33" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SL150 V4.8 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SM120 V4.7 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SM120 V4.8 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.8 SP2 HF10" } ] }, { "defaultStatus": "unknown", "product": "SINAMICS SM150 V4.8 (Control Unit)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200S IM151-8 PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200S IM151-8F PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS NET CP 343-1 Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS NET CP 443-1", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS NET CP 443-1 Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 314C-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.3.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 315-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 315F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 317-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 317F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.16" } ] }, { "defaultStatus": "unknown", "product": "SITOP Manager", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.1" } ] }, { "defaultStatus": "unknown", "product": "SITOP PSU8600", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.5" } ] }, { "defaultStatus": "unknown", "product": "SITOP UPS1600 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.3" } ] }, { "defaultStatus": "unknown", "product": "TIM 1531 IRC (incl. SIPLUS NET variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1" } ] } ], "descriptions": [ { "lang": "en", "value": "The webserver of the affected devices contains a vulnerability that may lead to\r\na denial of service condition. An attacker may cause a denial of service\r\nsituation which leads to a restart of the webserver of the affected device.\r\n\r\nThe security vulnerability could be exploited by an attacker with network\r\naccess to the affected systems. Successful exploitation requires no system\r\nprivileges and no user interaction. An attacker could use the vulnerability\r\nto compromise availability of the device." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-09T11:51:03.049Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2019-6568", "datePublished": "2019-04-17T13:40:24", "dateReserved": "2019-01-22T00:00:00", "dateUpdated": "2024-08-04T20:23:22.207Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
var-201904-0174
Vulnerability from variot
The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected device.
The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. Multiple Siemens products contain input validation vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. SiemensCP, SIAMTIC, SIMOCODE, SINAMICS, SITOP and TIM are all devices manufactured by Siemens. Multiple Siemens products are prone to an unspecified denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. A vulnerability has been identified in CP1604, CP1616, SIMATIC CP343-1 Advanced, SIMATIC CP443-1, SIMATIC CP443-1 Advanced, SIMATIC CP443-1 OPC UA, SIMATIC ET 200 SP Open Controller CPU 1515SP PC, SIMATIC ET 200 SP Open Controller CPU 1515SP PC2, SIMATIC HMI Comfort Outdoor Panels 7" & 15", SIMATIC HMI Comfort Panels 4" - 22", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC IPC DiagMonitor, SIMATIC RF181-EIP, SIMATIC RF182C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF188C, SIMATIC RF600R, SIMATIC S7-1500 CPU family, SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU family, SIMATIC S7-400 PN (incl. F) V6 and below, SIMATIC S7-400 PN/DP V7 (incl. F), SIMATIC S7-PLCSIM Advanced, SIMATIC Teleservice Adapter IE Advanced, SIMATIC Teleservice Adapter IE Basic, SIMATIC Teleservice Adapter IE Standard, SIMATIC WinAC RTX (F) 2010, SIMATIC WinCC Runtime Advanced, SIMOCODE pro V EIP, SIMOCODE pro V PN, SINAMICS G130 V4.6 (Control Unit), SINAMICS G130 V4.7 (Control Unit), SINAMICS G130 V4.7 SP1 (Control Unit), SINAMICS G130 V4.8 (Control Unit), SINAMICS G130 V5.1 (Control Unit), SINAMICS G130 V5.1 SP1 (Control Unit), SINAMICS G150 V4.6 (Control Unit), SINAMICS G150 V4.7 (Control Unit), SINAMICS G150 V4.7 SP1 (Control Unit), SINAMICS G150 V4.8 (Control Unit), SINAMICS G150 V5.1 (Control Unit), SINAMICS G150 V5.1 SP1 (Control Unit), SINAMICS GH150 V4.7 (Control Unit), SINAMICS GH150 V4.8 (Control Unit), SINAMICS GL150 V4.7 (Control Unit), SINAMICS GL150 V4.8 (Control Unit), SINAMICS GM150 V4.7 (Control Unit), SINAMICS GM150 V4.8 (Control Unit), SINAMICS S120 V4.6 (Control Unit), SINAMICS S120 V4.7 (Control Unit), SINAMICS S120 V4.7 SP1 (Control Unit), SINAMICS S120 V4.8 (Control Unit), SINAMICS S120 V5.1 (Control Unit), SINAMICS S120 V5.1 SP1 (Control Unit), SINAMICS S150 V4.6 (Control Unit), SINAMICS S150 V4.7 (Control Unit), SINAMICS S150 V4.7 SP1 (Control Unit), SINAMICS S150 V4.8 (Control Unit), SINAMICS S150 V5.1 (Control Unit), SINAMICS S150 V5.1 SP1 (Control Unit), SINAMICS S210 V5.1 (Control Unit), SINAMICS S210 V5.1 SP1 (Control Unit), SINAMICS SL150 V4.7 (Control Unit), SINAMICS SL150 V4.8 (Control Unit), SINAMICS SM120 V4.7 (Control Unit), SINAMICS SM120 V4.8 (Control Unit), SINAMICS SM150 V4.8 (Control Unit), SITOP Manager, SITOP PSU8600, SITOP UPS1600, TIM 1531 IRC. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens SIMATIC S7-1500 CPU, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 CPU is a CPU (central processing unit) module. CP1616 is a communications processor. SIMATIC S7-1500 is a programmable logic controller. The vulnerability stems from the failure of the network system or product to properly validate the input data
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201904-0174", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "sinamics s210", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics s150", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "5.1" }, { "model": "simatic hmi comfort outdoor panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "sinamics sm120", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic s7-plcsim advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic ipc diagmonitor", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.1.3" }, { "model": "simatic s7-1500s", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.6.1" }, { "model": "sinamics gh150", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc runtime advanced", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "sinamics gl150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic s7-400 pn", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simocode pro v pn", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1.3" }, { "model": "sinamics gm150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic s7-1500", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.6.1" }, { "model": "simatic cp443-1 advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinamics sl150", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "sitop manager", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.1" }, { "model": "sinamics sm120", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic hmi comfort panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic et 200 sp open controller cpu 1515sp pc2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.7" }, { "model": "sinamics g130", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.2" }, { "model": "cp1604", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic winac rtx", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2010" }, { "model": "sinamics s120", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.2" }, { "model": "sitop psu8600", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.5" }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic cp443-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simocode pro v eip", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.1.3" }, { "model": "simatic s7-plcsim advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-400 pn\\/dp", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sitop ups1600", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.3" }, { "model": "simatic s7-1500 software controller", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.7" }, { "model": "sinamics sm150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.1" }, { "model": "simatic rf182c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic rf600r", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.2.1" }, { "model": "cp1616", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic teleservice adapter ie standard", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic rf185c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.1.0" }, { "model": "simatic rf186c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.1.0" }, { "model": "simatic hmi comfort outdoor panels", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic teleservice adapter ie basic", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "sinamics gm150", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic s7-1500t", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.6.1" }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic s7-300", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.3.17" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "sinamics gh150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic rf188c", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.1.0" }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "sinamics gl150", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic et 200 sp open controller cpu 1515sp pc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1.6" }, { "model": "sinamics g150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.2" }, { "model": "sinamics s150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.1" }, { "model": "simatic winac rtx", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2010" }, { "model": "sinamics sl150", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.8" }, { "model": "simatic cp443-1 opc ua", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinamics sm150", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.1" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic rf181-eip", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "tim 1531 irc", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1" }, { "model": "simatic s7-1500f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.6.1" }, { "model": "simatic cp343-1 advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinamics s210", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "5.1" }, { "model": "simatic teleservice adapter ie advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic cp 1543sp-1", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 1604", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 1616", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 343-1 advanced", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 443-1 adv", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic cp 443-1", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200 sp open controller cpu 1515sp pc", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200 sp open controller cpu 1515sp pc2", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi comfort outdoor panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic hmi comfort panels", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic rf185c", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "sinamics s150", "version": "5.1" }, { "model": "simatic winac rtx sp2 all", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "2010" }, { "model": "simatic s7-300 cpu family all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-400 pn/dp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v7" }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinamics s120", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinamics g130 and g150", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic rf182c", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp443-1 opc ua", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic ipc diagmonitor", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic rf188c", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic rf600r", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "cp1604", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "cp1616", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et sp open controller cpu 1515sp pc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "200\u003cv2.1.6" }, { "model": "simatic hmi comfort panels 4\" 22\"", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu family", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-400 pn", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v6" }, { "model": "sinamics s150", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinamics s210", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v5.1" }, { "model": "sinamics s210 sp1", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v5.1" }, { "model": "tim irc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1531" }, { "model": "simatic hmi comfort outdoor panels 7\" \u0026 15\"", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic rf181-eip", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic rf186c", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic s7-plcsim advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic teleservice adapter ie advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic teleservice adapter ie basic", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic teleservice adapter ie standard", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simocode pro eip", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v" }, { "model": "simocode pro pn", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v" }, { "model": "sitop manager", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sitop psu8600", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sitop ups1600", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "siamtic rf185c", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp343-1 advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp443-1", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp443-1 advanced", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et sp open controller cpu 1515sp pc2", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "200" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "sinamics s210", "version": "5.1" }, { "model": "tim irc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "15310" }, { "model": "sitop ups1600", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sitop psu8600", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sitop manager", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinamics s210 sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics s150 sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics s150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics s150 sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics s150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics s150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.6" }, { "model": "sinamics s120 sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics s120", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics s120", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics s120 sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics s120", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics s120", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.6" }, { "model": "sinamics g150 sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics g150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics g150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics g150 sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics g150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics g150", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.6" }, { "model": "sinamics g130 sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics g130", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics g130", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics g130 sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics g130", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.7" }, { "model": "sinamics g130", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "4.6" }, { "model": "simocode pro pn", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v0" }, { "model": "simocode pro eip", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v0" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic winac rtx", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "20100" }, { "model": "simatic teleservice adapter ie standard", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic teleservice adapter ie basic", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic teleservice adapter ie advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-plcsim advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-400 pn/dp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7" }, { "model": "simatic s7-400 pn", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v60" }, { "model": "simatic s7-300 cpu", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic s7-1500 cpu", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic rf600r", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic rf188c", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic rf186c", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic rf185c", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic rf182c", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic ipc diagmonitor", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi ktp900f mobile", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi ktp900 mobile", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi ktp700f mobile", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi ktp700 mobile", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi ktp400f mobile", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi ktp mobile panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi comfort panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic hmi comfort outdoor panels", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic et200 open controller cpu 1515sp pc2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic et200 open controller cpu 1515sp pc", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic cp opc ua", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "443-10" }, { "model": "simatic cp advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "443-10" }, { "model": "simatic cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "443-10" }, { "model": "simatic cp advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "343-10" }, { "model": "rfid 181-eip", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "16160" }, { "model": "cp", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "16040" }, { "model": "sinamics s150 sp1 hf4", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics s150 hf6", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics s120 sp1 hf4", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics s120 hf6", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics g150 sp1 hf4", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics g150 hf6", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "sinamics g130 sp1 hf4", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "5.1" }, { "model": "sinamics g130 hf6", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "4.8" }, { "model": "simatic s7-300 cpu", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "v3.x.16" }, { "model": "simatic et200 open controller cpu 1515sp pc", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "2.1.6" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "cp1604", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi comfort panels", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp400f", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp700", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp700f", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp900", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi ktp mobile panels ktp900f", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp443 1 opc ua", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic ipc diagmonitor", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500 controller", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 plcsim advanced", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime advanced", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sitop manager", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf600r", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf188c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf186c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "cp1616", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf182c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf181 eip", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 300", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 400 pn", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 400 pn dp", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic teleservice adapter ie advanced", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic teleservice adapter ie basic", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic teleservice adapter ie standard", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic winac rtx 2010", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf185c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simocode pro v eip", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simocode pro v pn", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics g130", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics g150", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics s120", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics s150", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinamics s210", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sitop psu8600", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sitop ups1600", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "tim 1531 irc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp343 1 advanced", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500f", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500s", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500t", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp443 1", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp443 1 advanced", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200 sp open controller cpu 1515sp pc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200 sp open controller cpu 1515sp pc2", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic hmi comfort outdoor panels", "version": "*" } ], "sources": [ { "db": "IVD", "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12" }, { "db": "CNVD", "id": "CNVD-2019-12904" }, { "db": "BID", "id": "107842" }, { "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "db": "NVD", "id": "CVE-2019-6568" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:siemens:simatic_cp_1604_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_1616_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp343-1_advanced_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_adv_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_outdoor_panels_firmware", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels", "vulnerable": true }, { "cpe22Uri": "cpe:/o:siemens:simatic_rf185c_firmware", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-003541" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens reported this vulnerability to NCCIC.", "sources": [ { "db": "CNNVD", "id": "CNNVD-201904-458" } ], "trust": 0.6 }, "cve": "CVE-2019-6568", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CVE-2019-6568", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2019-12904", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "VHN-158003", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2019-6568", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2019-6568", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-6568", "trust": 1.0, "value": "HIGH" }, { "author": "productcert@siemens.com", "id": "CVE-2019-6568", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2019-6568", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2019-12904", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201904-458", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-158003", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12" }, { "db": "CNVD", "id": "CNVD-2019-12904" }, { "db": "VULHUB", "id": "VHN-158003" }, { "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "db": "CNNVD", "id": "CNNVD-201904-458" }, { "db": "NVD", "id": "CVE-2019-6568" }, { "db": "NVD", "id": "CVE-2019-6568" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The webserver of the affected devices contains a vulnerability that may lead to\r\na denial of service condition. An attacker may cause a denial of service\r\nsituation which leads to a restart of the webserver of the affected device. \r\n\r\nThe security vulnerability could be exploited by an attacker with network\r\naccess to the affected systems. Successful exploitation requires no system\r\nprivileges and no user interaction. An attacker could use the vulnerability\r\nto compromise availability of the device. Multiple Siemens products contain input validation vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. SiemensCP, SIAMTIC, SIMOCODE, SINAMICS, SITOP and TIM are all devices manufactured by Siemens. Multiple Siemens products are prone to an unspecified denial-of-service vulnerability. \nAttackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. A vulnerability has been identified in CP1604, CP1616, SIMATIC CP343-1 Advanced, SIMATIC CP443-1, SIMATIC CP443-1 Advanced, SIMATIC CP443-1 OPC UA, SIMATIC ET 200 SP Open Controller CPU 1515SP PC, SIMATIC ET 200 SP Open Controller CPU 1515SP PC2, SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\", SIMATIC HMI Comfort Panels 4\" - 22\", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC IPC DiagMonitor, SIMATIC RF181-EIP, SIMATIC RF182C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF188C, SIMATIC RF600R, SIMATIC S7-1500 CPU family, SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU family, SIMATIC S7-400 PN (incl. F) V6 and below, SIMATIC S7-400 PN/DP V7 (incl. F), SIMATIC S7-PLCSIM Advanced, SIMATIC Teleservice Adapter IE Advanced, SIMATIC Teleservice Adapter IE Basic, SIMATIC Teleservice Adapter IE Standard, SIMATIC WinAC RTX (F) 2010, SIMATIC WinCC Runtime Advanced, SIMOCODE pro V EIP, SIMOCODE pro V PN, SINAMICS G130 V4.6 (Control Unit), SINAMICS G130 V4.7 (Control Unit), SINAMICS G130 V4.7 SP1 (Control Unit), SINAMICS G130 V4.8 (Control Unit), SINAMICS G130 V5.1 (Control Unit), SINAMICS G130 V5.1 SP1 (Control Unit), SINAMICS G150 V4.6 (Control Unit), SINAMICS G150 V4.7 (Control Unit), SINAMICS G150 V4.7 SP1 (Control Unit), SINAMICS G150 V4.8 (Control Unit), SINAMICS G150 V5.1 (Control Unit), SINAMICS G150 V5.1 SP1 (Control Unit), SINAMICS GH150 V4.7 (Control Unit), SINAMICS GH150 V4.8 (Control Unit), SINAMICS GL150 V4.7 (Control Unit), SINAMICS GL150 V4.8 (Control Unit), SINAMICS GM150 V4.7 (Control Unit), SINAMICS GM150 V4.8 (Control Unit), SINAMICS S120 V4.6 (Control Unit), SINAMICS S120 V4.7 (Control Unit), SINAMICS S120 V4.7 SP1 (Control Unit), SINAMICS S120 V4.8 (Control Unit), SINAMICS S120 V5.1 (Control Unit), SINAMICS S120 V5.1 SP1 (Control Unit), SINAMICS S150 V4.6 (Control Unit), SINAMICS S150 V4.7 (Control Unit), SINAMICS S150 V4.7 SP1 (Control Unit), SINAMICS S150 V4.8 (Control Unit), SINAMICS S150 V5.1 (Control Unit), SINAMICS S150 V5.1 SP1 (Control Unit), SINAMICS S210 V5.1 (Control Unit), SINAMICS S210 V5.1 SP1 (Control Unit), SINAMICS SL150 V4.7 (Control Unit), SINAMICS SL150 V4.8 (Control Unit), SINAMICS SM120 V4.7 (Control Unit), SINAMICS SM120 V4.8 (Control Unit), SINAMICS SM150 V4.8 (Control Unit), SITOP Manager, SITOP PSU8600, SITOP UPS1600, TIM 1531 IRC. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens SIMATIC S7-1500 CPU, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 CPU is a CPU (central processing unit) module. CP1616 is a communications processor. SIMATIC S7-1500 is a programmable logic controller. The vulnerability stems from the failure of the network system or product to properly validate the input data", "sources": [ { "db": "NVD", "id": "CVE-2019-6568" }, { "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "db": "CNVD", "id": "CNVD-2019-12904" }, { "db": "BID", "id": "107842" }, { "db": "IVD", "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12" }, { "db": "VULHUB", "id": "VHN-158003" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-6568", "trust": 3.6 }, { "db": "ICS CERT", "id": "ICSA-19-099-06", "trust": 2.3 }, { "db": "SIEMENS", "id": "SSA-480230", "trust": 2.0 }, { "db": "SIEMENS", "id": "SSA-530931", "trust": 1.7 }, { "db": "ICS CERT", "id": "ICSA-19-227-04", "trust": 1.4 }, { "db": "BID", "id": "107842", "trust": 1.0 }, { "db": "CNNVD", "id": "CNNVD-201904-458", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2019-12904", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-003541", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2019.3150", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.1204.2", "trust": 0.6 }, { "db": "IVD", "id": "A397CC8B-EE17-4FAF-8447-E9EE5F57DD12", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-158003", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12" }, { "db": "CNVD", "id": "CNVD-2019-12904" }, { "db": "VULHUB", "id": "VHN-158003" }, { "db": "BID", "id": "107842" }, { "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "db": "CNNVD", "id": "CNNVD-201904-458" }, { "db": "NVD", "id": "CVE-2019-6568" } ] }, "id": "VAR-201904-0174", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12" }, { "db": "CNVD", "id": "CNVD-2019-12904" }, { "db": "VULHUB", "id": "VHN-158003" } ], "trust": 1.5998432480392157 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS", "Network device" ], "sub_category": null, "trust": 0.6 }, { "category": [ "ICS" ], "sub_category": null, "trust": 0.2 } ], "sources": [ { "db": "IVD", "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12" }, { "db": "CNVD", "id": "CNVD-2019-12904" } ] }, "last_update_date": "2024-11-23T22:25:58.024000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-480230", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf" }, { "title": "SSA-530931", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf" }, { "title": "Patches for multiple Siemens product denial of service vulnerabilities", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/160237" }, { "title": "Multiple Siemens Product security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=91286" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-12904" }, { "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "db": "CNNVD", "id": "CNNVD-201904-458" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-125", "trust": 1.1 }, { "problemtype": "CWE-20", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-158003" }, { "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "db": "NVD", "id": "CVE-2019-6568" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-099-06" }, { "trust": 2.0, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf" }, { "trust": 1.4, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-227-04" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6568" }, { "trust": 0.9, "url": "http://subscriber.communications.siemens.com/" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6568" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.3150/" }, { "trust": 0.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-099-06" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-19-099-06" }, { "trust": 0.6, "url": "https://www.securityfocus.com/bid/107842" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-denial-of-service-via-webserver-28976" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/78710" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-12904" }, { "db": "VULHUB", "id": "VHN-158003" }, { "db": "BID", "id": "107842" }, { "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "db": "CNNVD", "id": "CNNVD-201904-458" }, { "db": "NVD", "id": "CVE-2019-6568" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12" }, { "db": "CNVD", "id": "CNVD-2019-12904" }, { "db": "VULHUB", "id": "VHN-158003" }, { "db": "BID", "id": "107842" }, { "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "db": "CNNVD", "id": "CNNVD-201904-458" }, { "db": "NVD", "id": "CVE-2019-6568" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-05T00:00:00", "db": "IVD", "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12" }, { "date": "2019-05-05T00:00:00", "db": "CNVD", "id": "CNVD-2019-12904" }, { "date": "2019-04-17T00:00:00", "db": "VULHUB", "id": "VHN-158003" }, { "date": "2019-04-09T00:00:00", "db": "BID", "id": "107842" }, { "date": "2019-05-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "date": "2019-04-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201904-458" }, { "date": "2019-04-17T14:29:03.683000", "db": "NVD", "id": "CVE-2019-6568" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-07T00:00:00", "db": "CNVD", "id": "CNVD-2019-12904" }, { "date": "2023-01-10T00:00:00", "db": "VULHUB", "id": "VHN-158003" }, { "date": "2019-04-09T00:00:00", "db": "BID", "id": "107842" }, { "date": "2019-08-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-003541" }, { "date": "2023-04-12T00:00:00", "db": "CNNVD", "id": "CNNVD-201904-458" }, { "date": "2024-11-21T04:46:42.773000", "db": "NVD", "id": "CVE-2019-6568" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201904-458" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Vulnerability related to input validation in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-003541" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201904-458" } ], "trust": 0.6 } }
var-202312-0253
Vulnerability from variot
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) (All versions < V3.0.37), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SINAMICS S210 (6SL5...) (All versions >= V6.1 < V6.1 HF2), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) (All versions < V3.0.37). The webserver implementation of the affected products does not correctly release allocated memory after it has been used.
An attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product. 6gk7243-8rx30-0xe0 firmware, 6gk7543-1ax00-0xe0 firmware, 6ag1543-1ax00-2xe0 Multiple Siemens products, including firmware, are vulnerable to a lack of freeing memory after expiration.Service operation interruption (DoS) It may be in a state. The SIMATIC CP 1242 and CP 1243 associated processors connect the SIMATIC S7-1200 controller to the wide area network (WAN). They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. The SIMATIC CP 1543-1 communications processor connects the SIMATIC S7-1500 controller to Ethernet. They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols.
A denial of service vulnerability exists in the Siemens Industrial Products Web Server
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202312-0253", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "6gk7243-8rx30-0xe0", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "sinamics s210", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.2" }, { "model": "simatic cp 1243-1 iec", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic cp 1243-1 dnp3", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "sinamics s210", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.1" }, { "model": "simatic cp 1242-7 v2", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic cp 1243-1", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic cp 1243-7 lte", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "sinamics s210", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "6.1" }, { "model": "6ag1543-1ax00-2xe0", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "6gk7543-1ax00-0xe0", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic cp 1243-7 lte", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6ag1543-1ax00-2xe0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "sinamics s210", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6gk7243-8rx30-0xe0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cp 1243-1", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cp 1243-1 iec", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cp 1243-1 dnp3", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "6gk7543-1ax00-0xe0", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cp 1242-7 v2", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "simatic cp irc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1243-8" }, { "model": "simatic cp dnp3", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1243-1" }, { "model": "simatic cp iec", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1243-1" }, { "model": "simatic cp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1242-7v2" }, { "model": "simatic cp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1243-1" }, { "model": "simatic cp lte", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1243-7" }, { "model": "simatic cp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1543-1" }, { "model": "sinamics s210 hf2", "scope": "gte", "trust": 0.6, "vendor": "siemens", "version": "v6.1,\u003cv6.1" }, { "model": "siplus net cp", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "1543-1" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-97273" }, { "db": "JVNDB", "id": "JVNDB-2023-019860" }, { "db": "NVD", "id": "CVE-2023-38380" } ] }, "cve": "CVE-2023-38380", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2023-97273", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "productcert@siemens.com", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2023-38380", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "OTHER", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2023-019860", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "productcert@siemens.com", "id": "CVE-2023-38380", "trust": 1.0, "value": "HIGH" }, { "author": "OTHER", "id": "JVNDB-2023-019860", "trust": 0.8, "value": "High" }, { "author": "CNVD", "id": "CNVD-2023-97273", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-97273" }, { "db": "JVNDB", "id": "JVNDB-2023-019860" }, { "db": "NVD", "id": "CVE-2023-38380" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) (All versions \u003c V3.0.37), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SINAMICS S210 (6SL5...) (All versions \u003e= V6.1 \u003c V6.1 HF2), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) (All versions \u003c V3.0.37). The webserver implementation of the affected products does not correctly release allocated memory after it has been used. \r\n\r\nAn attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product. 6gk7243-8rx30-0xe0 firmware, 6gk7543-1ax00-0xe0 firmware, 6ag1543-1ax00-2xe0 Multiple Siemens products, including firmware, are vulnerable to a lack of freeing memory after expiration.Service operation interruption (DoS) It may be in a state. The SIMATIC CP 1242 and CP 1243 associated processors connect the SIMATIC S7-1200 controller to the wide area network (WAN). They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. The SIMATIC CP 1543-1 communications processor connects the SIMATIC S7-1500 controller to Ethernet. They offer integrated security features such as firewalls, virtual private networks (VPNs), and support for other data encryption protocols. \n\r\n\r\nA denial of service vulnerability exists in the Siemens Industrial Products Web Server", "sources": [ { "db": "NVD", "id": "CVE-2023-38380" }, { "db": "JVNDB", "id": "JVNDB-2023-019860" }, { "db": "CNVD", "id": "CNVD-2023-97273" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-38380", "trust": 3.2 }, { "db": "SIEMENS", "id": "SSA-693975", "trust": 2.4 }, { "db": "SIEMENS", "id": "SSA-139628", "trust": 1.0 }, { "db": "SIEMENS", "id": "SSA-625862", "trust": 1.0 }, { "db": "JVN", "id": "JVNVU93250330", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU98271228", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-24-165-10", "trust": 0.8 }, { "db": "ICS CERT", "id": "ICSA-23-348-08", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2023-019860", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2023-97273", "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-97273" }, { "db": "JVNDB", "id": "JVNDB-2023-019860" }, { "db": "NVD", "id": "CVE-2023-38380" } ] }, "id": "VAR-202312-0253", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2023-97273" } ], "trust": 1.4210873 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-97273" } ] }, "last_update_date": "2024-08-14T12:47:17.949000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Siemens Industrial Products Web Server Denial of Service Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchInfo/show/500376" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-97273" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-401", "trust": 1.0 }, { "problemtype": "Lack of memory release after expiration (CWE-401) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-019860" }, { "db": "NVD", "id": "CVE-2023-38380" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-693975.pdf" }, { "trust": 1.6, "url": "https://cert-portal.siemens.com/productcert/html/ssa-693975.html" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-625862.html" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu98271228/" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu93250330/index.html" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-38380" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-08" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-10" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2023-97273" }, { "db": "JVNDB", "id": "JVNDB-2023-019860" }, { "db": "NVD", "id": "CVE-2023-38380" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2023-97273" }, { "db": "JVNDB", "id": "JVNDB-2023-019860" }, { "db": "NVD", "id": "CVE-2023-38380" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-12-14T00:00:00", "db": "CNVD", "id": "CNVD-2023-97273" }, { "date": "2024-01-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2023-019860" }, { "date": "2023-12-12T12:15:11.477000", "db": "NVD", "id": "CVE-2023-38380" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-12-13T00:00:00", "db": "CNVD", "id": "CNVD-2023-97273" }, { "date": "2024-06-17T06:15:00", "db": "JVNDB", "id": "JVNDB-2023-019860" }, { "date": "2024-06-11T12:15:10.630000", "db": "NVD", "id": "CVE-2023-38380" } ] }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Lack of Freeing Memory After Expiration Vulnerability in Multiple Siemens Products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2023-019860" } ], "trust": 0.8 } }